~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 7 Ultimate x86 Ran by POSTE01 (Administrator) on Sun 11/06/2016 at 22:12:40.27 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 44 Failed to delete: C:\Program Files\tencent (Folder) Successfully deleted: C:\ProgramData\apn (Folder) Successfully deleted: C:\ProgramData\drivergenius (Folder) Successfully deleted: C:\ProgramData\duplicaterecord.js (File) Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) Successfully deleted: C:\ProgramData\productdata (Folder) Successfully deleted: C:\ProgramData\Start Menu\Programs\ytd video downloader (Folder) Successfully deleted: C:\ProgramData\tencent (Folder) Successfully deleted: C:\ProgramData\ytd video downloader (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\crashrpt (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\iobit\driver booster (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\qqplayer.lnk (Shortcut) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\Mozilla\Firefox\Profiles\v673cydp.default-1448266040108\yasearch-xb\packages\{17388dab-6e36-46b4-94c0-d8a43f83b729}\mailru.xml (File) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\Mozilla\Firefox\Profiles\v673cydp.default-1448266040108\yasearch-xb\packages\{a2c0b88d-cc88-42b8-8b69-9cf018a4056b}\altsearch.xml (File) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\pc app store (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\productdata (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\software informer (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Roaming\tencent (Folder) Successfully deleted: C:\Users\POSTE01\Desktop\qqplayer.lnk (Shortcut) Successfully deleted: C:\users\Public\Documents\pc faster (Folder) Successfully deleted: C:\Windows\System32\Tasks\Avira System Speedup Tray (Task) Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Scan (Task) Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Scheduler (Task) Successfully deleted: C:\Windows\System32\Tasks\Driver Booster SkipUAC (POSTE01) (Task) Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Update (Task) Successfully deleted: C:\Program Files\Common Files\tencent (Folder) Successfully deleted: C:\Program Files\iobit\driver booster (Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VPAG7LI (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A90N9LZ2 (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EE8DCNTH (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EYE31IL6 (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAA5MVUW (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LED6OXY4 (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PKNFK9GD (Temporary Internet Files Folder) Successfully deleted: C:\Users\POSTE01\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSXN5E3D (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VPAG7LI (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A90N9LZ2 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EE8DCNTH (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EYE31IL6 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAA5MVUW (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LED6OXY4 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PKNFK9GD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSXN5E3D (Temporary Internet Files Folder) user_pref(browser.urlbar.suggest.searches, true); user_pref(distribution.yandex.bookmarksProcessed, true); user_pref(extensions.installedDistroAddon.vb@yandex.ru, true); user_pref(extensions.installedDistroAddon.yasearch@yandex.ru, true); user_pref(extensions.vb@yandex.ru.advertisement.activeAdRefused, true); user_pref(extensions.vb@yandex.ru.advertisement.ads.vbaddthumb.lastShown, 1451391745248); user_pref(extensions.vb@yandex.ru.advertisement.ads.vbaddthumb.refuseCount, 1); user_pref(extensions.vb@yandex.ru.advertisement.ads.vbaddthumb.showCount, 1); user_pref(extensions.vb@yandex.ru.advertisement.ads.vbaddthumb.showState, 2); user_pref(extensions.vb@yandex.ru.advertisement.conditions.newBackgrounds, []); user_pref(extensions.vb@yandex.ru.advertisement.conditions.yandexBrowserInstalled, false); user_pref(extensions.vb@yandex.ru.advertisement.conditions.yandexBrowserLastLaunch, 0); user_pref(extensions.vb@yandex.ru.advertisement.lastModified, Mon, 07 Sep 2015 10:50:55 GMT); user_pref(extensions.vb@yandex.ru.alarms.advertisementConfigNeedUpdate, {\expires\:1297,\nextInterval\:1440,\saved\:1451391834015}); user_pref(extensions.vb@yandex.ru.alarms.checkAdJSON, {\expires\:58,\nextInterval\:60,\saved\:1451391834016}); user_pref(extensions.vb@yandex.ru.alarms.checkAdsConditions, {\expires\:28,\nextInterval\:30,\saved\:1451391834014}); user_pref(extensions.vb@yandex.ru.alarms.checkBackgroundsFileExists, {\expires\:8,\nextInterval\:10,\saved\:1451391834010}); user_pref(extensions.vb@yandex.ru.alarms.createBackup, {\expires\:1297,\nextInterval\:1440,\saved\:1451391834008}); user_pref(extensions.vb@yandex.ru.alarms.fourDaysPassed, {\expires\:5617,\saved\:1451391834010}); user_pref(extensions.vb@yandex.ru.alarms.scheduledPickup, {\expires\:1297,\nextInterval\:1440,\saved\:1451391834013}); user_pref(extensions.vb@yandex.ru.alarms.stopActiveAd, {\expires\:1439,\saved\:1451391834017}); user_pref(extensions.vb@yandex.ru.alarms.syncBackgrounds, {\expires\:1297,\nextInterval\:1440,\saved\:1451391834009}); user_pref(extensions.vb@yandex.ru.alarms.syncBlacklist, {\expires\:1297,\nextInterval\:1440,\saved\:1451391834012}); user_pref(extensions.vb@yandex.ru.alarms.updateAllThumbsData, {\expires\:9937,\nextInterval\:10080,\saved\:1451391834013}); user_pref(extensions.vb@yandex.ru.backgroundImages.lastModified, Tue, 15 Dec 2015 08:37:21 GMT); user_pref(extensions.vb@yandex.ru.backgroundImages.lastRequestTime, 1451385664); user_pref(extensions.vb@yandex.ru.backgroundImages.lastUpdateTime, 1451385663647); user_pref(extensions.vb@yandex.ru.backgroundImages.lastVersion, 19); user_pref(extensions.vb@yandex.ru.branding.lastupdate, 1434437283); user_pref(extensions.vb@yandex.ru.clids.creationDate, 2039338:{f4fe2742-8736-45b4-804e-86bb07a0525e}:vbff:2015.12.29); user_pref(extensions.vb@yandex.ru.creator, Yandex); user_pref(extensions.vb@yandex.ru.daylyaddonstat.collect, 1451383246); user_pref(extensions.vb@yandex.ru.daylyaddonstat.send, 1451383265); user_pref(extensions.vb@yandex.ru.dayuse.vb.scroll, false); user_pref(extensions.vb@yandex.ru.description, Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini webpages to visit a site user_pref(extensions.vb@yandex.ru.disabled, true); user_pref(extensions.vb@yandex.ru.ftabs.backgroundImage, earth.jpg); user_pref(extensions.vb@yandex.ru.ftabs.initialThumbsCount, 12); user_pref(extensions.vb@yandex.ru.general.install.time, 1451383246); user_pref(extensions.vb@yandex.ru.guid.value, {f4fe2742-8736-45b4-804e-86bb07a0525e}); user_pref(extensions.vb@yandex.ru.homepageURL, hxxp://visual.yandex.ru); user_pref(extensions.vb@yandex.ru.installer.override.revertedOnDisable, true); user_pref(extensions.vb@yandex.ru.license.accepted, true); user_pref(extensions.vb@yandex.ru.name, Visual Bookmarks); user_pref(extensions.vb@yandex.ru.stat.usage.send, false); user_pref(extensions.vb@yandex.ru.versions.lastAddon, 2.20.2); user_pref(extensions.vb@yandex.ru.versions.lastBuild, 2_1); user_pref(extensions.yasearch@yandex.ru.autoinstall.activated, [\hxxp://bar.yandex.ru/packages/yandexbar#logo\,\hxxp://bar.yandex.ru/packages/yandexbar#mail\,\hxxp://b user_pref(extensions.yasearch@yandex.ru.branding.lastupdate, 1434437387); user_pref(extensions.yasearch@yandex.ru.chevronInstallTime, 1451383262); user_pref(extensions.yasearch@yandex.ru.chevronState, 2); user_pref(extensions.yasearch@yandex.ru.clids.creationDate, 2039338:{f4fe2742-8736-45b4-804e-86bb07a0525e}:barff:2015.12.29); user_pref(extensions.yasearch@yandex.ru.creator, Yandex); user_pref(extensions.yasearch@yandex.ru.daylyaddonstat.collect, 1451383224); user_pref(extensions.yasearch@yandex.ru.daylyaddonstat.send, 1451383261); user_pref(extensions.yasearch@yandex.ru.default.preset.url, hxxp://bar.yandex.ru/presets/default.xml); user_pref(extensions.yasearch@yandex.ru.defender.homepage.changes, 0|0|0); user_pref(extensions.yasearch@yandex.ru.defender.homepage.enabled, true); user_pref(extensions.yasearch@yandex.ru.defender.homepage.protected, about:blank); user_pref(extensions.yasearch@yandex.ru.description, Quick access to all Yandex features); user_pref(extensions.yasearch@yandex.ru.general.install.time, 1451383178); user_pref(extensions.yasearch@yandex.ru.guid.value, {f4fe2742-8736-45b4-804e-86bb07a0525e}); user_pref(extensions.yasearch@yandex.ru.homepageURL, hxxps://element.yandex.ru); user_pref(extensions.yasearch@yandex.ru.installer.override.revertedOnDisable, true); user_pref(extensions.yasearch@yandex.ru.license.accepted, true); user_pref(extensions.yasearch@yandex.ru.mailruStat.gversion, 0); user_pref(extensions.yasearch@yandex.ru.mailruStat.sversion, 0); user_pref(extensions.yasearch@yandex.ru.migrated.australis, true); user_pref(extensions.yasearch@yandex.ru.name, Yandex Elements); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/143/manifest.xml#typosquatting.all.settings.jsonLastModified, Tue, 24 Se user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/143/manifest.xml#typosquatting.all.settings.lastUpdate, 1451391720430); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.searchName, Яндекс); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/286/manifest.xml#browseroffer.all.settings.no-flash.suggest-session, {\ user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/286/manifest.xml#browseroffer.all.settings.turbo-video.suggest-session, user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/286/manifest.xml#browseroffer.all.settings.widgetSuggest.history, {\htt user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/289/manifest.xml#sovetnik.all.settings.jsonLastModified, Mon, 28 Dec 201 user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/289/manifest.xml#sovetnik.all.settings.lastUpdate, 1451383744879); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/289/manifest.xml#sovetnik.all.settings.specialVendorChecked, true); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-friends, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-groups, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-messages, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-notes, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-photos, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-widgets.yandex.ru/packages/approved/91/manifest.xml#profile.all.settings.display-button-video, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#geolocation.all.settings.ip, 192.168.1.8); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#geolocation.all.settings.position, {\latitude\:\36.7516479\,\longitude\:\ user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#geolocation.all.settings.wifi.data, 0,c0:a0:bb:a9:f0:82,-75,1,00:e0:5c:30:92:ba user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#pagetranslator.all.settings.suggest.closedCounter, 1); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#pagetranslator.all.settings.suggest.shownAt, 1451384576731); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#town.145138327221958.settings.show-name, false); user_pref(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.ru/packages/yandexbar#translator.all.settings.last_update, 1451383256285); user_pref(extensions.yasearch@yandex.ru.stat.usage.send, false); user_pref(extensions.yasearch@yandex.ru.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.clid, 2039342); user_pref(extensions.yasearch@yandex.ru.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.enginename, Яндекс); user_pref(extensions.yasearch@yandex.ru.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.firststart, true); user_pref(extensions.yasearch@yandex.ru.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.tutor.installTime, 1450173691); user_pref(extensions.yasearch@yandex.ru.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.all.settings.tutor.shownCounter, 2); user_pref(extensions.yasearch@yandex.ru.vendor.default.cookie, true); user_pref(extensions.yasearch@yandex.ru.versions.lastAddon, 8.11.0); user_pref(extensions.yasearch@yandex.ru.versions.lastBuild, 8); user_pref(extensions.yasearch@yandex.ru.welcomepage.version.introduced, 6.6.0); Registry: 4 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 11/06/2016 at 22:24:19.04 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~