~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.7 (10.15.2013:3) OS: Windows 7 Home Premium x64 Ran by Adeline on dim. 27/10/2013 at 16:31:02,00 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [Service] cltmngsvc Successfully deleted: [Service] cltmngsvc ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-663470961-3329961963-707833121-1001\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-663470961-3329961963-707833121-1001\Software\SweetIM Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-download_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-download_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-download_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-download_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\premium" Successfully deleted: [Folder] "C:\Users\Adeline\AppData\Roaming\dvdvideosoftiehelpers" Successfully deleted: [Folder] "C:\Users\Adeline\AppData\Roaming\pdfforge" Successfully deleted: [Folder] "C:\Users\Adeline\appdata\local\searchprotect" Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect" ~~~ FireFox Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c} Successfully deleted the following from C:\Users\Adeline\AppData\Roaming\mozilla\firefox\profiles\s21wghob.default\prefs.js user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=EB_SSPV&Lay=1&UM=2&UP=SPB12D3A1F-793B-44E5-8F71-D94 user_pref("extensions.helperbar.SmartbarDisabled", false); user_pref("extensions.helperbar.SmartbarStateMinimaized", false); user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B3293ab39-0f69-48bb-a8de-d59b515cc1e4%7D&mid=398f30bdfe3e47d0945bc1f60eb1684a-efc1905280bff9c42d3a1b2cee7c5c45959 Emptied folder: C:\Users\Adeline\AppData\Roaming\mozilla\firefox\profiles\s21wghob.default\minidumps [173 files] ~~~ Chrome Successfully deleted: [Folder] C:\Users\Adeline\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ~~~ Event Viewer Logs were cleared Voici le rapport d'analyse ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on dim. 27/10/2013 at 16:36:08,45 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~