~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes


Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Ultimate x86
Ran by Olja on ??? 01.09.2015 at 21:43:58,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services
Failed to delete: [Service] isafekrnl
Failed to delete: [Service] isafekrnlboot
Failed to delete: [Service] isafekrnlkit
Failed to delete: [Service] isafekrnlr3
Failed to delete: [Service] isafenetfilter
Failed to delete: [Service] isafeservice
Successfully deleted: [Service] isafekrnlmon [Reboot required]
Successfully deleted: [Service] winzipersvc [Reboot required]

~~~ Tasks

~~~ Registry Values


Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\In
ternet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\In
ternet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\I
nternet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\I
nternet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\I
nternet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\I
nternet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1169779177-352768990
9-1150904806-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys


Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet E
xplorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet E
xplorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet E
xplorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet E
xplorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B
-B7D3-CB8BEB1AA42C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windo
ws\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BE
B1AA42C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mic
rosoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3593C8B9-8E18-4B4
B-B7D3-CB8BEB1AA42C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet
\Services\Eventlog\Application\iepluginservices
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet
\Services\Eventlog\Application\windowsmangerprotect

~~~ Files
Failed to delete: [File] C:\Windows\System32\drivers\isafenetfilter.sys
Successfully deleted: [File] C:\Users\Olja\Appdata\Local\google\chrome\user data
\default\local storage\hxxp_www.best-deals-products.com_0.localstorage

~~~ Folders
Failed to delete: [Folder] C:\Program Files\elex-tech
Failed to delete: [Folder] C:\Users\Olja\AppData\Roaming\elex-tech
Successfully deleted: [Folder] C:\Program Files\picexa
Successfully deleted: [Folder] C:\ProgramData\iepluginservices
Successfully deleted: [Folder] C:\ProgramData\ihprotectupdate
Successfully deleted: [Folder] C:\Users\Olja\Appdata\LocalLow\datamngr
Successfully deleted: [Folder] C:\Users\Olja\AppData\Roaming\picexa viewer

~~~ FireFox
Failed to delete: [File] C:\Users\Olja\AppData\Roaming\mozilla\firefox\profiles\
ugfkmg7d.default-1434294726341\searchplugins\ask-web-search.xml
Failed to delete: [File] C:\Users\Olja\AppData\Roaming\mozilla\firefox\profiles\
ugfkmg7d.default-1434294726341\searchplugins\delta-homes.xml
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firef
ox\Extensions\\quick_searchff@gmail.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firef
ox\Extensions\\sweetsearch@gmail.com
Successfully deleted the following from C:\Users\Olja\AppData\Roaming\mozilla\fi
refox\profiles\ugfkmg7d.default-1434294726341\prefs.js
user_pref(browser.newtab.url, chrome://quick_start/content/index.html);
user_pref(browser.search.searchengine.alias, );
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngin
e);
user_pref(browser.search.searchengine.iconURL, hxxp://www.v9.com/favicon.ico?t=1
);
user_pref(browser.search.searchengine.name, V9 );
user_pref(browser.search.searchengine.ptid, wpm07173);
user_pref(browser.search.searchengine.ref, c2VhcmNoLmRlbHRhLWhvbWVzLmNvbQ==);
user_pref(browser.search.searchengine.ts, 1439796247);
user_pref(browser.search.searchengine.type, );
user_pref(browser.search.searchengine.uid, wdcxwd2500bevt-24a23t0_wd-wxj1a702532
025320);
user_pref(browser.search.searchengine.url, hxxp://www.v9.com/web?type=ds&ts=1439
796247&from=zzgbkk123&uid=wdcxwd2500bevt-24a23t0_wd-wxj1a702532025320&z=52c95dce
6f397dabf3ef
user_pref(browser.startup.homepage, hxxp://home.tb.ask.com/index.jhtml?ptb=748F3
9BE-454B-4CF1-BA6B-C8997DF687D2&n=781b8a5b&p2=^HJ^xdm238^YYA^rs);
user_pref(extensions.mywebsearch.prevKwdEnabled, true);
user_pref(extensions.quick_start.enable_search1, false);
user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
user_pref(extensions.toolbar.mindspark.Mindspark.MindsparkFF_.browser.version.la
st, 40.0);
user_pref(extensions.toolbar.mindspark.MindsparkFF_.lssState, {\previousLocales\
:[\en-US\,\en\],\supportedLocales\:[\de\,\es\,\pt\,\ja\,\en\],\defaultLoc
user_pref(extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE, [{\b\:21202
5602,\c\:\mindspark.magnify\,\p\:\L.0\},{\b\:212025603,\p\:\L.0.0\},{\b\:2
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginen
ame.prev, Google);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginen
ame.savedPrev, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginen
ame.tb, Ask Web Search);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine
.prev, V9 );
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine
.savedPrev, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine
.tb, Ask Web Search);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.prev
, hxxp://www.v9.com?type=hp&ts=1435214168&from=mych123&uid=wdcxwd2500bevt-24a23t
0_wd-wxj1a70
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.save
dPrev, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.tb,
hxxp://home.tb.ask.com/index.jhtml?ptb=748F39BE-454B-4CF1-BA6B-C8997DF687D2&n=78
1b8a5b&p2=^H
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.startup.page.savedPre
v, 1);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.startup.page.tb, 1);
user_pref(extensions.toolbar.mindspark._4zMembers_.browser.version.last, 40.0);
user_pref(extensions.toolbar.mindspark._4zMembers_.firstKnownVersion, 7.18.7.199
29);
user_pref(extensions.toolbar.mindspark._4zMembers_.homepage, hxxp://home.tb.ask.
com/index.jhtml?ptb=748F39BE-454B-4CF1-BA6B-C8997DF687D2&n=781b8a5b&p2=^HJ^xdm23
8^YYA^rs);
user_pref(extensions.toolbar.mindspark._4zMembers_.hp.enabled, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.hp.guardType, HPR);
user_pref(extensions.toolbar.mindspark._4zMembers_.hp.user.defined, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.initialized, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.installKeysSource, Cookies);
user_pref(extensions.toolbar.mindspark._4zMembers_.installType, XPI);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.contextKey, );
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.dlpCountryCode,
RS);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.installDate, 201
5070811);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.partnerId, ^HJ^x
dm238^YYA^rs);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId, );
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.pixelUrl, hxxp:/
/free.videodownloadconverter.com/install_pixels.jhtml?partner=^HJ^xdm238^YYA^rs&
coId=00d25f4
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.success, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.installation.toolbarId, 748F3
9BE-454B-4CF1-BA6B-C8997DF687D2);
user_pref(extensions.toolbar.mindspark._4zMembers_.isCompliantUninstallImplement
ation, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.lastActivePing, 1441133347490
);
user_pref(extensions.toolbar.mindspark._4zMembers_.lastKnownVersion, 1.0.1.16857
);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.defaultSearch, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled, true
);
user_pref(extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled, true)
;
user_pref(extensions.toolbar.mindspark._4zMembers_.options.tabEnabled, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.partnerPixelFired, true);
user_pref(extensions.toolbar.mindspark._4zMembers_.successUrl, hxxp://free.video
downloadconverter.com/installComplete.jhtml);
user_pref(extensions.toolbar.mindspark._4zMembers_.toolbar.ownSearch, false);
user_pref(extensions.toolbar.mindspark._4zMembers_.toolbar.versionChanged, false
);
user_pref(extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed, true);
user_pref(extensions.toolbar.mindspark.hp.enabled, true);
user_pref(extensions.toolbar.mindspark.hp.enabled.guid, 64ffxtbr@TelevisionFanat
ic.com);
user_pref(extensions.toolbar.mindspark.lastInstalled, videodownloadconverter@min
dspark.com);
user_pref(keyword.URL, hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&p
tb=748F39BE-454B-4CF1-BA6B-C8997DF687D2&n=781b8a5b&ind=2015070811&p2=^HJ^xdm238^
YYA^rs&searc
Emptied folder: C:\Users\Olja\AppData\Roaming\mozilla\firefox\profiles\ugfkmg7d.
default-1434294726341\minidumps [2 files]

~~~ Chrome
[C:\Users\Olja\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - defa
ult search provider reset
[C:\Users\Olja\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Exte
nsions Deleted:
[C:\Users\Olja\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences]
- default search provider reset
[C:\Users\Olja\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences]
- Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ??? 01.09.2015 at 21:48:33,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
