Publicité
Publicité
Format du document : text/plain
Prévisualisation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows 7 Home Premium x64
Ran by Galle on 08/08/2015 at 23:46:53,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] qmudisk [Reboot required]
Successfully deleted: [Service] qqpcrtp [Reboot required]
Successfully deleted: [Service] taoaccelerator [Reboot required]
Successfully deleted: [Service] taoframe [Reboot required]
Successfully deleted: [Service] taokerneldriver [Reboot required]
Successfully deleted: [Service] tfsflt [Reboot required]
Successfully deleted: [Service] ts888x64 [Reboot required]
Successfully deleted: [Service] tsdefensebt [Reboot required]
~~~ Tasks
Successfully deleted: [Task] C:\Windows\Tasks\CleanerPro_Popup.job
Successfully deleted: [Task] C:\Windows\Tasks\CleanerPro_Start.job
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6D6B212B-2245-4898-8B16-9A11B81FF9E1}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apphide
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ qqpctray
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-473859184-546379200-1655659134-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{56FE2731-5995-410E-A077-2A2774529F93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Faster Light
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Faster Light
~~~ Files
Successfully deleted: [File] C:\Windows\system32\drivers\taoaccelerator64.sys
Successfully deleted: [File] C:\Windows\system32\drivers\taokernel64.sys
Successfully deleted: [File] C:\Windows\system32\drivers\tfsfltx64.sys
Successfully deleted: [File] C:\Users\Galle\desktop\pepperzip.lnk
~~~ Folders
Failed to delete: [Folder] C:\Program Files (x86)\tencent
Failed to delete: [Folder] C:\ProgramData\tencent
Successfully deleted: [Folder] C:\iqiyi video
Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\tencent
Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\predm
Successfully deleted: [Folder] C:\Program Files\Common Files\tencent
Successfully deleted: [Folder] C:\Program Files\webbar
Successfully deleted: [Folder] C:\ProgramData\browser
Successfully deleted: [Folder] C:\ProgramData\iqiyi video
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\ProgramData\txqmpc
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\breakingnewsalert
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\globalupdate
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\smartweb
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\speed browser
Successfully deleted: [Folder] C:\Users\Galle\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\goldengate
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\iqiyi video
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\ppslog
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\tencent
Successfully deleted: [Folder] C:\Users\Public\qiyi
Successfully deleted: [Folder] C:\ProgramData\509c160e00003290
Successfully deleted: [Folder] C:\ProgramData\da9e411a00007956
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\77432641-2F61-444C-AF3B-189F6214EE92
Successfully deleted: [Folder] C:\Users\Galle\Appdata\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
~~~ FireFox
Successfully deleted: [File] C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\user.js
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@iqiyi.com/npwebplayer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@qq.com/qqpcmgr
Successfully deleted the following from C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\prefs.js
user_pref(extensions.FB0GDrYnAJLNXqcq.scode, (function(){try{if(window.location.href.indexOf(\rjn8qjg8rjsEpdY4qjkGrTw7qHC\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss
user_pref(extensions.Vs86Mvkqg0qbyD7x.scode, (function(){try{if(window.location.href.indexOf(\rjn8qjg8rjsEpdY4qjkGrTw7qHC\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss
Emptied folder: C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\minidumps [8 files]
~~~ Chrome
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/08/2015 at 23:49:46,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows 7 Home Premium x64
Ran by Galle on 08/08/2015 at 23:46:53,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] qmudisk [Reboot required]
Successfully deleted: [Service] qqpcrtp [Reboot required]
Successfully deleted: [Service] taoaccelerator [Reboot required]
Successfully deleted: [Service] taoframe [Reboot required]
Successfully deleted: [Service] taokerneldriver [Reboot required]
Successfully deleted: [Service] tfsflt [Reboot required]
Successfully deleted: [Service] ts888x64 [Reboot required]
Successfully deleted: [Service] tsdefensebt [Reboot required]
~~~ Tasks
Successfully deleted: [Task] C:\Windows\Tasks\CleanerPro_Popup.job
Successfully deleted: [Task] C:\Windows\Tasks\CleanerPro_Start.job
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6D6B212B-2245-4898-8B16-9A11B81FF9E1}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apphide
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ qqpctray
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-473859184-546379200-1655659134-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{56FE2731-5995-410E-A077-2A2774529F93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Faster Light
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Faster Light
~~~ Files
Successfully deleted: [File] C:\Windows\system32\drivers\taoaccelerator64.sys
Successfully deleted: [File] C:\Windows\system32\drivers\taokernel64.sys
Successfully deleted: [File] C:\Windows\system32\drivers\tfsfltx64.sys
Successfully deleted: [File] C:\Users\Galle\desktop\pepperzip.lnk
~~~ Folders
Failed to delete: [Folder] C:\Program Files (x86)\tencent
Failed to delete: [Folder] C:\ProgramData\tencent
Successfully deleted: [Folder] C:\iqiyi video
Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\tencent
Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\predm
Successfully deleted: [Folder] C:\Program Files\Common Files\tencent
Successfully deleted: [Folder] C:\Program Files\webbar
Successfully deleted: [Folder] C:\ProgramData\browser
Successfully deleted: [Folder] C:\ProgramData\iqiyi video
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\ProgramData\txqmpc
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\breakingnewsalert
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\globalupdate
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\smartweb
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\speed browser
Successfully deleted: [Folder] C:\Users\Galle\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\goldengate
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\iqiyi video
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\ppslog
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\Users\Galle\AppData\Roaming\tencent
Successfully deleted: [Folder] C:\Users\Public\qiyi
Successfully deleted: [Folder] C:\ProgramData\509c160e00003290
Successfully deleted: [Folder] C:\ProgramData\da9e411a00007956
Successfully deleted: [Folder] C:\Users\Galle\Appdata\Local\77432641-2F61-444C-AF3B-189F6214EE92
Successfully deleted: [Folder] C:\Users\Galle\Appdata\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
~~~ FireFox
Successfully deleted: [File] C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\user.js
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@iqiyi.com/npwebplayer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@qq.com/qqpcmgr
Successfully deleted the following from C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\prefs.js
user_pref(extensions.FB0GDrYnAJLNXqcq.scode, (function(){try{if(window.location.href.indexOf(\rjn8qjg8rjsEpdY4qjkGrTw7qHC\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss
user_pref(extensions.Vs86Mvkqg0qbyD7x.scode, (function(){try{if(window.location.href.indexOf(\rjn8qjg8rjsEpdY4qjkGrTw7qHC\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss
Emptied folder: C:\Users\Galle\AppData\Roaming\mozilla\firefox\profiles\4vj2cm0l.default\minidumps [8 files]
~~~ Chrome
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Galle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/08/2015 at 23:49:46,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~