~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.4 (09.28.2015:1) OS: Windows Se7en Titan x86 Ran by Acer on 02/10/2015 at 12:53:45,46 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\Windows\Tasks\Update Service for Torrent Search.job Successfully deleted: [Task] C:\Windows\Tasks\Update Service for Torrent Search2.job ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\Users\Acer\AppData\Roaming\appdataFr25.bin Successfully deleted: [File] C:\Users\Acer\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Acer\Appdata\Local\{6B67CFAF-C403-444E-BB85-897E1B553464} Successfully deleted: [Folder] C:\Program Files\torrent search Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\Users\Acer\AppData\Roaming\alawar Successfully deleted: [Folder] C:\Users\Acer\AppData\Roaming\iobit\driver booster ~~~ FireFox Successfully deleted: [File] C:\Users\Acer\AppData\Roaming\mozilla\firefox\profiles\war40a0p.default\searchplugins\ask-search.xml Successfully deleted the following from C:\Users\Acer\AppData\Roaming\mozilla\firefox\profiles\war40a0p.default\prefs.js user_pref(extensions.6e727987c8ea44da8749310c0fbe3c3e.localStoragecom.ab.advertising.rdr2.redirect_blacklist, \^hxxps?:\\\\/\\\\/(www\\\\.)?(searchengines\\\\.ru|searcheng user_pref(extensions.6e727987c8ea44da8749310c0fbe3c3e.localStoragecom.ab.advertising.rdr2.redirects_blacklist_visited, {\searchengines.ru\:false,\searchengines.guru\:fa user_pref(extensions.6e727987c8ea44da8749310c0fbe3c3e.localStoragecom.ab.advertisment.stored_code_bg, \\\\function main(){function u(){var b=\\\\\\\hxxp://api.appsapi.in user_pref(extensions.6e727987c8ea44da8749310c0fbe3c3e.localStoragecom.ab.advertisment.stored_code_fg, \\\\(function(){function o(b,d){var a=t();if(a&&\\\\\\\0\\\\\\\!=a user_pref(extensions.LVD-SAE.newTabSearchURL, \hxxp://dts.search.ask.com/sr?gct=hp&o=APN10644A&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-05-23&d=533-783-0&v=2.1-7 user_pref(extensions.LVD-SAE.searchURL, \hxxp://dts.search.ask.com/sr?gct=ds&o=APN10644&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-05-23&d=533-783-0&v=2.1-738-0&ap user_pref(extensions.saeListDS, [\delta-homes\,\LVD-SAE@iacsearchandmedia.com\]); Emptied folder: C:\Users\Acer\AppData\Roaming\mozilla\firefox\profiles\war40a0p.default\minidumps [11 files] ~~~ Chrome [C:\Users\Acer\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Acer\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Acer\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Acer\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ ogminpmldncgcmokldnmmapddoccmhfl ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 02/10/2015 at 13:11:43,82 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~