Document format: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by lyly on 31/07/2013 at 11:54:29,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
NTRedirect REG_SZ C:\Windows\system32\rundll32.exe "C:\Users\lyly\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f511afdb-726e-4458-90e7-1ecb97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{0afd55c8-adf8-4a33-a6e1-dedb7a36aeb4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{a7a6995d-6ee1-4fd1-a258-49395d5bf99c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322712280}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355715580}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366716680}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355715580}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366716680}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0329494A-EFD8-C5C8-0C41-6391232FCAFC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B3CA237F-27BA-4775-84E3-5B92267B9567}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0329494A-EFD8-C5C8-0C41-6391232FCAFC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{951C4408-0472-4E78-8ECC-9D52E1DD6F13}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B3CA237F-27BA-4775-84E3-5B92267B9567}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\browserdefender"
Successfully deleted: [Folder] "C:\Users\lyly\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{02DC5450-712D-480A-811E-CF40F5D4BCE4}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{0704E2CB-25F7-40FD-9E99-F3D1FD8D5124}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{0BD335F9-6117-4114-9237-71465664101F}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{0CC1D896-80A2-4E0F-8A19-9300002BE32D}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{0D087F38-49F9-4813-BEA5-F76A7E2F2597}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{1046DB17-5F74-43E3-B5C1-C40E823FAA10}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{112601BA-8701-4178-B684-9BFF2A11CEF6}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{1D62CFE6-5615-4638-8CB3-0FBCE6101050}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{22861E9F-D035-4139-B47C-350A21817A00}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{23774139-DE29-45C7-86B0-CFBD649C49FE}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{25563550-41E3-4819-8490-19BAFFA7D18E}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{33721D95-1D3D-41F2-8B67-D0C7A3F2C6B0}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{3AACC8BF-C98D-48D4-8D75-415775BFCB96}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{47E16111-0876-4724-B816-1F09532F49C2}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{49E55347-1C32-41F7-9B46-DB460C1BB7E3}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{4BCDD48C-DAC3-4598-91D3-80D57CA5CB80}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{55D4D2C0-0468-424F-9A33-1FCB5136C87C}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{561924F4-ED8B-47B0-A538-24DFC2A40442}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{57B31787-CCDC-4509-B7FA-603A4D08B8F8}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{597B2E25-1A79-4D5B-81F2-B187D925AE61}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{5ADD8F92-FAE1-4296-A65F-145E5C3F8E05}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{60565C3C-9B0B-4790-ADB5-1B070EB547B8}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{6869EA36-27A2-4482-A8E8-8ADF112EC4EA}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{6C376595-FF94-47C4-B2F5-F9209FD10E4B}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{6E16F001-1D75-49C8-AD04-09002D623A08}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{6FE9E422-AAB6-4C7B-A599-2844D2857B0D}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{77F78902-EC5A-4DB3-8485-14639E6AE645}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{806FAF66-CFC0-489F-8410-17DAAF14D415}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{8D3AD216-8C77-4FF1-B709-2B52AC804921}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{910A6D58-2B27-485E-A237-7974667DDAE1}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{91F3FBF1-272E-4D6C-B06B-BE07A9D048DE}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{922412DE-43E3-49F9-851D-80617B92B023}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{9997488E-8BDE-42C2-AFDC-3516842EAC69}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{9E705366-BA9C-48F2-884A-8C0C4B895ABE}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{A48AFBB0-CBA2-4ADD-9F50-39E96D4798C1}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{AB44F49C-AF16-435A-BA1C-0854B04080A7}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{AF95CE96-96F7-4309-9694-841F2D8A54F4}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{C8AC23FE-F076-4402-9057-375D8075CB30}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{C8BAC686-9019-4A71-B2E7-D2FB01C73FD0}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{CE0CD09A-278B-451C-BCA9-2381DCB02C45}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{D1631F3E-6533-4090-8CBC-A01DF964569B}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{D28B46BF-9EB0-4967-8ECB-3527A3001EB2}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{D2C51323-196C-498F-A048-879394C3FE75}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{D34F9EBC-D0C5-4E47-A8BC-B30136A3DE6A}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{D3E77134-9EB1-4466-B8FF-E18FE4EA9BE1}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{DB39DBB5-40F9-4FC5-8B85-9B39EB87BAAF}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{DE3A7244-9540-4E59-9E30-1CA76E930B17}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{DF908BBB-B151-4D06-A6E5-DD1DF2A38455}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{E34B8AD5-DA24-49EA-81A2-446DC7BAD710}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{F0343EB2-F5AD-46AF-8FD1-52B86BC8714B}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{F444BC40-8977-4440-AD93-CB07F8CB3A7D}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{FBBB5389-C845-4469-89BB-EBF654327281}
Successfully deleted: [Empty Folder] C:\Users\lyly\appdata\local\{FC5E22B7-F11F-4A17-8817-F16945739F30}



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\invalidprefs.js
Successfully deleted: [File] C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\prefs.js

user_pref("extensions.crossrider.bic", "1402fa83cdc6c04707e5fcdd708d32c9");
Emptied folder: C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\minidumps [111 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\lyly\appdata\local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Successfully deleted: [Folder] C:\Users\lyly\appdata\local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Folder] C:\Users\lyly\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/07/2013 at 11:58:40,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
