cjoint

Document format: text/plain

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows 7 Ultimate x64
Ran by Rayhane on 11/08/2015 at 10:00:53,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] comyninu [Reboot required]
Successfully deleted: [Service] hyverumu [Reboot required]
Successfully deleted: [Service] ihprotect service [Reboot required]
Successfully deleted: [Service] wihovycu [Reboot required]
Successfully deleted: [Service] windowsmangerprotect [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\APSnotifierPP1
Successfully deleted: [Task] C:\Windows\system32\tasks\APSnotifierPP2
Successfully deleted: [Task] C:\Windows\system32\tasks\APSnotifierPP3
Successfully deleted: [Task] C:\Windows\system32\tasks\DriverToolkit Autorun
Successfully deleted: [Task] C:\Windows\system32\tasks\NVIDIA Stereoscopic 3D Driver Service32
Successfully deleted: [Task] C:\Windows\Tasks\0rRUnr3YCsF1C.job
Successfully deleted: [Task] C:\Windows\Tasks\APSnotifierPP1.job
Successfully deleted: [Task] C:\Windows\Tasks\APSnotifierPP2.job
Successfully deleted: [Task] C:\Windows\Tasks\APSnotifierPP3.job
Successfully deleted: [Task] C:\Windows\Tasks\DriverToolkit Autorun.job
Successfully deleted: [Task] C:\Windows\Tasks\K0A8wLFnYPwIbZoCa9tYv.job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apphide
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1568814939-1179210705-2053827385-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AskPartnerNetwork
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\AskPartnerNetwork
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Round World
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\windowsmangerprotect



~~~ Files

Successfully deleted: [File] C:\Users\Rayhane\Appdata\Local\nscD134.tmp
Successfully deleted: [File] C:\Users\Rayhane\Appdata\Local\nso676A.tmp
Successfully deleted: [File] C:\Users\Rayhane\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.mystartsearch.com_0.localstorage
Successfully deleted: [File] C:\Users\Rayhane\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\0rRUnr3YCsF1C
Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\0rRUnr3YCsF1C.exe
Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\K0A8wLFnYPwIbZoCa9tYv
Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\K0A8wLFnYPwIbZoCa9tYv.exe



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\miuitab
Successfully deleted: [Folder] C:\ProgramData\ihprotectupdate
Successfully deleted: [Folder] C:\Users\Rayhane\Appdata\Local\globalupdate
Successfully deleted: [Folder] C:\Users\Rayhane\AppData\Roaming\cpuminer
Successfully deleted: [Folder] C:\Users\Rayhane\AppData\Roaming\systweak



~~~ FireFox

Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\mozilla\firefox\profiles\d48oqkvs.default\user.js
Successfully deleted: [File] C:\Users\Rayhane\AppData\Roaming\mozilla\firefox\profiles\d48oqkvs.default\searchplugins\mystartsearch.xml
Successfully deleted the following from C:\Users\Rayhane\AppData\Roaming\mozilla\firefox\profiles\d48oqkvs.default\prefs.js

user_pref(browser.newtab.url, hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1439277815&z=ec349e3ddf52e87ed651dc6g5z1c4tbo8b3g7c2cdq&from=cmi&uid=WDCXWD3200AVJS-63WDA0_WD-
user_pref(browser.search.searchengine.alias, mystartsearch);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.mystartsearch.com/favicon.ico);
user_pref(browser.search.searchengine.name, mystartsearch);
user_pref(browser.search.searchengine.ptid, cmi);
user_pref(browser.search.searchengine.uid, WDCXWD3200AVJS-63WDA0_WD-WCARW561455514555);
user_pref(browser.search.searchengine.url, hxxp://www.mystartsearch.com/web/?type=ds&ts=1439277815&z=ec349e3ddf52e87ed651dc6g5z1c4tbo8b3g7c2cdq&from=cmi&uid=WDCXWD3200AVJS-
user_pref(browser.startup.homepage, hxxp://www.mystartsearch.com/?type=hppp&ts=1439211594&z=2ae2a08e118a2e7e91cc02fg8zacet2obg7w6g0gfq&from=cmi&uid=WDCXWD3200AVJS-63WDA0_WD
user_pref(extensions.xpiState, {\app-profile\:{\default_newtabff@gmail.com\:{\d\:\C:\\\\Users\\\\Rayhane\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\d



~~~ Chrome


[C:\Users\Rayhane\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Rayhane\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Rayhane\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Rayhane\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/08/2015 at 10:04:02,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
