cjoint

Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
Ran by user at 2015-06-02 22:03:01 Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal

==============================================

fixlist content:
*****************
closeprocesses:
emptytemp:
Task: {7CF254AB-D22A-4B16-B2E7-1CF56C9B6D66} - System32\Tasks\NEDS => C:\Users\user\AppData\Roaming\NEDS.exe <==== ATTENTION
Task: C:\Windows\Tasks\NEDS.job => C:\Users\user\AppData\Roaming\NEDS.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8
AlternateDataStreams: C:\ProgramData\TEMP:E97EB2E7
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S2 Apache2.4; "C:\xampp\apache\bin\httpd.exe" -k runservice [X]
S2 FileZillaServer; "C:\xampp\filezillaftp\filezillaserver.exe" [X]
S2 mysql; C:\xampp\mysql\bin\mysqld.exe --defaults-file=c:\xampp\mysql\bin\my.ini mysql
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 SparkSvc; "C:\Program Files\baidu\Spark\sparkservice.exe" -r [X]
S3 SparkUpdater; C:\Program Files\Baidu\SparkUpdate\Sparkupdate.exe [X]
S2 Tomcat7; C:\xampp\tomcat\bin\tomcat7.exe //RS//Tomcat7 [X]
CHR HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\user\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
Tcpip\..\Interfaces\{6BD72A42-7241-40AC-A052-B270110B3F15}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{81756319-4C89-4EF6-8491-C967EBB35DD3}: [NameServer] 62.251.230.241 212.217.1.1
Tcpip\..\Interfaces\{AC0B69AE-A9E9-4137-AAA5-E07DFE412D37}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{E87AF73E-A33E-477B-94B1-89CAFC2731E0}: [NameServer] 192.168.50.58 192.168.60.55
Tcpip\..\Interfaces\{EE504374-3961-423C-9219-3DB2D19EAB72}: [NameServer] 62.251.230.241 212.217.1.1
ProxyServer: [S-1-5-21-1100337586-554544947-3787655957-1000] => 10.10.19.1:3128
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {12b66279-54a7-11e4-a0a0-001e101f57d0} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {2ec59203-82e3-11e4-80ac-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {3674b74c-4577-11e4-a3e2-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {3674c262-4577-11e4-a3e2-baf254789200} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {3674c2bf-4577-11e4-a3e2-baf254789200} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {36b7448b-4c8e-11e4-a6ff-001e101f21c1} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {43530453-92b5-11e4-8208-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {62d28073-69d1-11e4-ac0d-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {6658a403-c4f8-11e4-b8f3-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {6658a45a-c4f8-11e4-b8f3-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {74586f76-6a4b-11e4-ac20-e0ca9433c18c} - H:\setup.exe -a
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {7f76ac27-d2fd-11e4-ab13-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {86630bd5-8238-11e4-9362-001e101f1f81} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {b44ea707-548c-11e4-a0a0-001e101f57d0} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {b44ea7c6-548c-11e4-a0a0-001e101f57d0} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {bfdb1d9f-f8a2-11e4-af13-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {bfdb1daa-f8a2-11e4-af13-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {cdd37be3-c665-11e4-b769-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {cef7c0ef-f31a-11e4-a8af-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {cef7c10a-f31a-11e4-a8af-e811329a6aa4} - H:\AutoRun.exe
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\...\MountPoints2: {e74aeb11-ab0a-11e4-95de-001e101f1ed9} - H:\autorun.exe
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
Hosts:

*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7CF254AB-D22A-4B16-B2E7-1CF56C9B6D66}" => key Removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CF254AB-D22A-4B16-B2E7-1CF56C9B6D66}" => key Removed successfully.
C:\Windows\System32\Tasks\NEDS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NEDS" => key Removed successfully.
C:\Windows\Tasks\NEDS.job => Moved successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS Removed successfully..
C:\ProgramData\TEMP => ":DBC416F8" ADS Removed successfully..
C:\ProgramData\TEMP => ":E97EB2E7" ADS Removed successfully..
VGPU => Service Removed successfully.
vmci => Service Removed successfully.
VMnetAdapter => Service Removed successfully.
Apache2.4 => Service Removed successfully.
FileZillaServer => Service Removed successfully.
mysql => Service Removed successfully.
rpcapd => Service Removed successfully.
SparkSvc => Service Removed successfully.
SparkUpdater => Service Removed successfully.
Tomcat7 => Service Removed successfully.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf" => key Removed successfully.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key Removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6BD72A42-7241-40AC-A052-B270110B3F15}\\NameServer => value Removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{81756319-4C89-4EF6-8491-C967EBB35DD3}\\NameServer => value Removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AC0B69AE-A9E9-4137-AAA5-E07DFE412D37}\\NameServer => value Removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E87AF73E-A33E-477B-94B1-89CAFC2731E0}\\NameServer => value Removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EE504374-3961-423C-9219-3DB2D19EAB72}\\NameServer => value Removed successfully.
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value Removed successfully.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => key Removed successfully.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b66279-54a7-11e4-a0a0-001e101f57d0}" => key Removed successfully.
HKCR\CLSID\{12b66279-54a7-11e4-a0a0-001e101f57d0} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ec59203-82e3-11e4-80ac-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{2ec59203-82e3-11e4-80ac-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3674b74c-4577-11e4-a3e2-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{3674b74c-4577-11e4-a3e2-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3674c262-4577-11e4-a3e2-baf254789200}" => key Removed successfully.
HKCR\CLSID\{3674c262-4577-11e4-a3e2-baf254789200} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3674c2bf-4577-11e4-a3e2-baf254789200}" => key Removed successfully.
HKCR\CLSID\{3674c2bf-4577-11e4-a3e2-baf254789200} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36b7448b-4c8e-11e4-a6ff-001e101f21c1}" => key Removed successfully.
HKCR\CLSID\{36b7448b-4c8e-11e4-a6ff-001e101f21c1} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43530453-92b5-11e4-8208-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{43530453-92b5-11e4-8208-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62d28073-69d1-11e4-ac0d-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{62d28073-69d1-11e4-ac0d-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6658a403-c4f8-11e4-b8f3-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{6658a403-c4f8-11e4-b8f3-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6658a45a-c4f8-11e4-b8f3-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{6658a45a-c4f8-11e4-b8f3-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74586f76-6a4b-11e4-ac20-e0ca9433c18c}" => key Removed successfully.
HKCR\CLSID\{74586f76-6a4b-11e4-ac20-e0ca9433c18c} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f76ac27-d2fd-11e4-ab13-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{7f76ac27-d2fd-11e4-ab13-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86630bd5-8238-11e4-9362-001e101f1f81}" => key Removed successfully.
HKCR\CLSID\{86630bd5-8238-11e4-9362-001e101f1f81} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b44ea707-548c-11e4-a0a0-001e101f57d0}" => key Removed successfully.
HKCR\CLSID\{b44ea707-548c-11e4-a0a0-001e101f57d0} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b44ea7c6-548c-11e4-a0a0-001e101f57d0}" => key Removed successfully.
HKCR\CLSID\{b44ea7c6-548c-11e4-a0a0-001e101f57d0} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfdb1d9f-f8a2-11e4-af13-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{bfdb1d9f-f8a2-11e4-af13-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfdb1daa-f8a2-11e4-af13-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{bfdb1daa-f8a2-11e4-af13-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdd37be3-c665-11e4-b769-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{cdd37be3-c665-11e4-b769-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cef7c0ef-f31a-11e4-a8af-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{cef7c0ef-f31a-11e4-a8af-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cef7c10a-f31a-11e4-a8af-e811329a6aa4}" => key Removed successfully.
HKCR\CLSID\{cef7c10a-f31a-11e4-a8af-e811329a6aa4} => key not found.
"HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e74aeb11-ab0a-11e4-95de-001e101f1ed9}" => key Removed successfully.
HKCR\CLSID\{e74aeb11-ab0a-11e4-95de-001e101f1ed9} => key not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully.
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value Removed successfully.
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully.
HKU\S-1-5-21-1100337586-554544947-3787655957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully.


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= netsh winsock reset catalog =========


Le catalogue Winsock a été réinitialisé correctement.
Vous devez redémarrer l'ordinateur afin de finaliser la réinitialisation.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Réinitialisation de Général, OK !
Réinitialisation de Interface, OK !
Réinitialisation de Adresse unicast, OK !
Réinitialisation de Routage, OK !
Redémarrez l'ordinateur pour terminer cette action.


========= End of CMD: =========


========= ipconfig /release =========


Configuration IP de Windows

Aucune opération ne peut être effectuée sur Connexion réseau sans fil lorsque
son média est déconnecté.

========= End of CMD: =========


========= ipconfig /renew =========


Configuration IP de Windows

Aucune opération ne peut être effectuée sur Connexion réseau sans fil lorsque
son média est déconnecté.
Aucune opération ne peut être effectuée sur Connexion au réseau local lorsque
son média est déconnecté.

========= End of CMD: =========


========= netsh int ipv4 reset =========

Il n'y a aucun paramètre spécifié par l'utilisateur à réinitialiser.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Réinitialisation de Interface, OK !
Redémarrez l'ordinateur pour terminer cette action.


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuration IP de Windows

Cache de résolution DNS vidé.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {91933FD0-D13B-4670-975B-07BEA09B9FD4}.
{087C1CD8-3BE9-4902-8C03-F66FE4E7CB81} canceled.
1 out of 2 jobs canceled.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 1.1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 22:09:38 ====
