~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x86
Ran by YaSs (Administrator) on Mon 10/17/2016 at 19:20:06.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 15

Successfully deleted: C:\ProgramData\tencent (Folder)
Successfully deleted: C:\Users\YaSs\AppData\Local\amigo (Folder)
Successfully deleted: C:\Users\YaSs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel (Folder)
Successfully deleted: C:\Users\YaSs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cknebhggccemgcnbidipinkifmmegdel_0.localstorage-journal (File)
Successfully deleted: C:\Users\YaSs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cknebhggccemgcnbidipinkifmmegdel_0.localstorage (File)
Successfully deleted: C:\Users\YaSs\AppData\Roaming\mailproducts (Folder)
Successfully deleted: C:\Users\YaSs\AppData\Roaming\Mozilla\Firefox\Profiles\b4kfvpni.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} (Folder)
Successfully deleted: C:\Users\YaSs\AppData\Roaming\Mozilla\Firefox\Profiles\b4kfvpni.default\searchplugins\avast-search.xml (File)
Successfully deleted: C:\Users\YaSs\AppData\Roaming\Mozilla\Firefox\Profiles\b4kfvpni.default\searchplugins\mailru.xml (File)
Successfully deleted: C:\Users\YaSs\AppData\Roaming\tencent (Folder)
Successfully deleted: C:\Users\YaSs\Desktop\hitleap viewer.lnk (Shortcut)
Successfully deleted: C:\Users\YaSs\Start Menu\Programs\hitleap viewer.lnk (Shortcut)
Successfully deleted: C:\Program Files\GUTDE89.tmp (File)
Successfully deleted: C:\Program Files\hitleap (Folder)
Successfully deleted: C:\Program Files\tencent (Folder)

Deleted the following from C:\Users\YaSs\AppData\Roaming\Mozilla\Firefox\Profiles\b4kfvpni.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
user_pref(extensions.homepage@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B0B165156-0A9F-473B-941B-6C93791B1820%7D&install_id=%7B9D44ADC8-8BF9-4241-8
user_pref(extensions.homepage@mail.ru.install_id, {9D44ADC8-8BF9-4241-817A-907D98200F37});
user_pref(extensions.homepage@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B0B165156-0A9F-473B-941B-6C93791B182
user_pref(extensions.homepage@mail.ru.partner_product_online_url, hxxp://ec2-54-229-84-172.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label=8
user_pref(extensions.homepage@mail.ru.product_id, {0B165156-0A9F-473B-941B-6C93791B1820});
user_pref(extensions.homepage@mail.ru.product_type, ff_xtnhp);
user_pref(extensions.homepage@mail.ru.rfr, 811036);
user_pref(extensions.quick_start.enable_search1, false);
user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
user_pref(extensions.search@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B81218277-E1E3-47DB-A15B-FB91C8A41F45%7D&install_id=%7B9D44ADC8-8BF9-4241-817
user_pref(extensions.search@mail.ru.install_id, {9D44ADC8-8BF9-4241-817A-907D98200F37});
user_pref(extensions.search@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B81218277-E1E3-47DB-A15B-FB91C8A41F45%
user_pref(extensions.search@mail.ru.partner_product_online_url, hxxp://ec2-54-229-84-172.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label=811
user_pref(extensions.search@mail.ru.product_id, {81218277-E1E3-47DB-A15B-FB91C8A41F45});
user_pref(extensions.search@mail.ru.product_type, ff_xtndse);
user_pref(extensions.search@mail.ru.rfr, 811037);
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B59B8FBCA-9218-458B-B05F-348560238F58%7D&install_id=%
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B59B8FBCA-9218

Registry: 6

Failed to delete: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\? (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/17/2016 at 19:25:47.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~