cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Ultimate x86
Ran by ARABI on 2015/08/04 at 20:27:42,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] lwnfd_1_10_0_14 [Reboot required]
Successfully deleted: [Service] torchcrashhandler [Reboot required]



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1719421884-1264264495-3226333432-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AskPartnerNetwork
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\AskPartnerNetwork
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet\Torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet\Torch.FTNZ5F7DP4CT77QOVFNMELKYOY
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}



~~~ Files

Successfully deleted: [File] C:\Users\ARABI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\torch.lnk
Successfully deleted: [File] C:\Users\ARABI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\torch.lnk
Successfully disinfected: [Shortcut] C:\Users\ARABI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\Windows\System32\config\systemprofile\Desktop\Mozilla Firefox.lnk



~~~ Folders

Failed to delete: [Folder] C:\Users\ARABI\Appdata\Local\torch
Successfully deleted: [Folder] C:\Program Files\globalupdate
Successfully deleted: [Folder] C:\Program Files\innovative solutions
Successfully deleted: [Folder] C:\Program Files\youtube accelerator
Successfully deleted: [Folder] C:\ProgramData\ammyy
Successfully deleted: [Folder] C:\ProgramData\datamngr
Successfully deleted: [Folder] C:\ProgramData\esellerate
Successfully deleted: [Folder] C:\ProgramData\torchcrashhandler
Successfully deleted: [Folder] C:\Users\ARABI\Appdata\LocalLow\searchresultstb
Successfully deleted: [Folder] C:\Users\ARABI\AppData\Roaming\istartsurf
Successfully deleted: [Folder] C:\Users\ARABI\AppData\Roaming\opencandy



~~~ FireFox

Successfully deleted the following from C:\Users\ARABI\AppData\Roaming\mozilla\firefox\profiles\vnjzdcoj.default\prefs.js

user_pref(browser.newtab.url, chrome://quick_start/content/index.html);
user_pref(browser.search.order.1, Ask.com);
user_pref(browser.search.searchengine.alias, istartsurf);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.istartsurf.com/favicon.ico);
user_pref(browser.search.searchengine.name, istartsurf);
user_pref(browser.search.searchengine.ptid, obw);
user_pref(browser.search.searchengine.uid, TOSHIBAXMK3276GSXX-63_71RDB1COBXX71RDB1COB);
user_pref(browser.search.searchengine.url, hxxp://www.istartsurf.com/web/?type=ds&ts=1436987263&z=e87641c84498e0d7c30e4afg6z6c3q1t5b0m2o3z5o&from=obw&uid=TOSHIBAXMK3276GSXX
user_pref(browser.search.selectedEngine, istartsurf);
user_pref(extensions.5ppIbCmLF3xq3XIX.scode, (function(){try{if(window.location.href.indexOf(\qjnHqdY7qdk9rja4rdg9pjwGpn\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss.
user_pref(extensions.UbucNijEh0TOybiB.scode, (function(){try{if(window.self.location.href.indexOf(\rHgHrjr7qjg9rHw8qTCHpdkFpn\)>-1){return;}}catch(e){}try{var d=[[\trian
user_pref(extensions.jDlkZ3GHEpnhE6hK.scode, (function(){try{if(window.location.href.indexOf(\qjnHqdY7qdk9rja4rdg9pjwGpn\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss.
user_pref(extensions.quick_start.enable_search1, false);
user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
user_pref(keyword.URL, hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=280&systemid=448&v=n16118-730&apn_dtid=TCH001&apn_ptnrs=AGI&apn_uid=8134720482394325&o=APN10648&q=
Emptied folder: C:\Users\ARABI\AppData\Roaming\mozilla\firefox\profiles\vnjzdcoj.default\minidumps [1 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Successfully deleted: [Folder] C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah

[C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\ARABI\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
bopakagnckmlgajfccecajhnimjiiedh,
fpmeembnagmagppkgghhfjfdfajdfcah,
kcdcneeneoifbeenbbnjodcflhdbaggp
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015/08/04 at 20:33:59,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Publicité


Signaler le contenu de ce document

Publicité