~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Tony on 18/02/2016 at 11:14:25,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WinTaske_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WinTaske_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Tony\AppData\Roaming\nosibay"



~~~ FireFox

Successfully deleted the following from C:\Users\Tony\AppData\Roaming\mozilla\firefox\profiles\41A66E7E5EE1\prefs.js

user_pref("browser.search.searchengine.alias", "mysites123");
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpBHQsCHYlAE..&v=20160202&uid=38965F0BDE2DB15ED04605515179DABD&ptid=sto&mode=ffsengext");
user_pref("browser.search.searchengine.iconURL", "hxxp://mysites123.com/favicon.ico");
user_pref("browser.search.searchengine.name", "mysites123");
user_pref("browser.search.searchengine.ptid", "nsbfr");
user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=sto&q={searchTerms}&ts=AHEpBHQsCHYlAE..&uid=38965F0BDE2DB15ED04605515179
user_pref("browser.search.searchengine.uid", "WDCXWD10EZEX-08M2NA0_WD-WCC3F163350633506");
user_pref("browser.search.searchengine.url", "hxxp://mysites123.com/web?type=ds&ts=1455790155&z=8b463060dfd62c2e1baf2eeg6z8w3wem4t9efgcw7c&from=nsbfr&uid=WDCXWD10EZEX-08M2NA0_
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.enterse
user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "44.0");
user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=782a0d33");
user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016021811");
user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1455790441311");
user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"fr\",\"fr-FR\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en
user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.yessearches.com/chrome.php?uid=38965F0BDE2DB15ED04605515179DABD&ptid=sto&ts=AHEpBHQsCHYlAE..&v=201
user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", false);
user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\User
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "yourGSearchfinder@GSearch.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/02/2016 at 11:20:20,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~