Publicité
Publicité
Format du document : text/plain
Prévisualisation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by Administrateur (Administrator) on 19/10/2016 at 9:28:03,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\mailproducts (Folder)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} (Folder)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\searchplugins\GoSearch.xml (File)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\searchplugins\mailru.xml (File)
Deleted the following from C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\prefs.js
user_pref(browser.startup.homepage, hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811013);
user_pref(extensions.homepage@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B2815BECF-9DF5-4F91-BBF9-1B410ED97D1D%7D&install_id=%7BDB682089-25B6-4D61-B
user_pref(extensions.homepage@mail.ru.info, {\gp\:\811013\,\product_id\:\{2815BECF-9DF5-4F91-BBF9-1B410ED97D1D}\,\install_id\:\{DB682089-25B6-4D61-B8B7-9D5FCA051
user_pref(extensions.homepage@mail.ru.install_id, {DB682089-25B6-4D61-B8B7-9D5FCA051384});
user_pref(extensions.homepage@mail.ru.lastHomepage, hxxps://www.google.fr/);
user_pref(extensions.homepage@mail.ru.lastPageType, 1);
user_pref(extensions.homepage@mail.ru.metric_state_go_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B2815BECF-9DF5-4F91-BBF9-1B410ED97D1
user_pref(extensions.homepage@mail.ru.partner_product_online_url, hxxp://goagcovzqgodvp.fairpressavoid.ru/affect?hetag=2cd4892305643d3255cacc089e08cea6&guid={guid}&did=2573
user_pref(extensions.homepage@mail.ru.product_id, {2815BECF-9DF5-4F91-BBF9-1B410ED97D1D});
user_pref(extensions.homepage@mail.ru.product_type, ff_xtnhp);
user_pref(extensions.homepage@mail.ru.rfr, 811013);
user_pref(extensions.search@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B4EF6390B-6EA6-48CA-B5FD-9A38EA261114%7D&install_id=%7BDB682089-25B6-4D61-B8B
user_pref(extensions.search@mail.ru.info, {\gp\:\811014\,\product_id\:\{4EF6390B-6EA6-48CA-B5FD-9A38EA261114}\,\install_id\:\{DB682089-25B6-4D61-B8B7-9D5FCA05138
user_pref(extensions.search@mail.ru.install_id, {DB682089-25B6-4D61-B8B7-9D5FCA051384});
user_pref(extensions.search@mail.ru.metric_state_go_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B4EF6390B-6EA6-48CA-B5FD-9A38EA261114%
user_pref(extensions.search@mail.ru.partner_product_online_url, hxxp://goagcovzqgodvp.fairpressavoid.ru/affect?hetag=2cd4892305643d3255cacc089e08cea6&guid={guid}&did=257300
user_pref(extensions.search@mail.ru.product_id, {4EF6390B-6EA6-48CA-B5FD-9A38EA261114});
user_pref(extensions.search@mail.ru.product_type, ff_xtndse);
user_pref(extensions.search@mail.ru.rfr, 811014);
user_pref(extensions.xpiState, {\app-profile\:{\homepage@mail.ru\:{\d\:\C:\\\\Users\\\\Administrateur.000\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B04ED6780-1C2E-4684-ACBF-3E481729CD58%7D&install_id=%
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.info, {\gp\:\811015\,\product_id\:\{04ED6780-1C2E-4684-ACBF-3E481729CD58}\,\install_id\:\{DB682089-25
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B04ED6780-1C2E
user_pref(keyword.URL, hxxp://go.mail.ru/search?fr=ntg&q=);
Registry: 7
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\amigo (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/10/2016 at 9:30:19,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by Administrateur (Administrator) on 19/10/2016 at 9:28:03,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\mailproducts (Folder)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} (Folder)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\searchplugins\GoSearch.xml (File)
Successfully deleted: C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\searchplugins\mailru.xml (File)
Deleted the following from C:\Users\Administrateur.000\AppData\Roaming\Mozilla\Firefox\Profiles\lsiq8u9f.default\prefs.js
user_pref(browser.startup.homepage, hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811013);
user_pref(extensions.homepage@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B2815BECF-9DF5-4F91-BBF9-1B410ED97D1D%7D&install_id=%7BDB682089-25B6-4D61-B
user_pref(extensions.homepage@mail.ru.info, {\gp\:\811013\,\product_id\:\{2815BECF-9DF5-4F91-BBF9-1B410ED97D1D}\,\install_id\:\{DB682089-25B6-4D61-B8B7-9D5FCA051
user_pref(extensions.homepage@mail.ru.install_id, {DB682089-25B6-4D61-B8B7-9D5FCA051384});
user_pref(extensions.homepage@mail.ru.lastHomepage, hxxps://www.google.fr/);
user_pref(extensions.homepage@mail.ru.lastPageType, 1);
user_pref(extensions.homepage@mail.ru.metric_state_go_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B2815BECF-9DF5-4F91-BBF9-1B410ED97D1
user_pref(extensions.homepage@mail.ru.partner_product_online_url, hxxp://goagcovzqgodvp.fairpressavoid.ru/affect?hetag=2cd4892305643d3255cacc089e08cea6&guid={guid}&did=2573
user_pref(extensions.homepage@mail.ru.product_id, {2815BECF-9DF5-4F91-BBF9-1B410ED97D1D});
user_pref(extensions.homepage@mail.ru.product_type, ff_xtnhp);
user_pref(extensions.homepage@mail.ru.rfr, 811013);
user_pref(extensions.search@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B4EF6390B-6EA6-48CA-B5FD-9A38EA261114%7D&install_id=%7BDB682089-25B6-4D61-B8B
user_pref(extensions.search@mail.ru.info, {\gp\:\811014\,\product_id\:\{4EF6390B-6EA6-48CA-B5FD-9A38EA261114}\,\install_id\:\{DB682089-25B6-4D61-B8B7-9D5FCA05138
user_pref(extensions.search@mail.ru.install_id, {DB682089-25B6-4D61-B8B7-9D5FCA051384});
user_pref(extensions.search@mail.ru.metric_state_go_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:4,\lastDayDate\:\2016-10-18T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B4EF6390B-6EA6-48CA-B5FD-9A38EA261114%
user_pref(extensions.search@mail.ru.partner_product_online_url, hxxp://goagcovzqgodvp.fairpressavoid.ru/affect?hetag=2cd4892305643d3255cacc089e08cea6&guid={guid}&did=257300
user_pref(extensions.search@mail.ru.product_id, {4EF6390B-6EA6-48CA-B5FD-9A38EA261114});
user_pref(extensions.search@mail.ru.product_type, ff_xtndse);
user_pref(extensions.search@mail.ru.rfr, 811014);
user_pref(extensions.xpiState, {\app-profile\:{\homepage@mail.ru\:{\d\:\C:\\\\Users\\\\Administrateur.000\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B04ED6780-1C2E-4684-ACBF-3E481729CD58%7D&install_id=%
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.info, {\gp\:\811015\,\product_id\:\{04ED6780-1C2E-4684-ACBF-3E481729CD58}\,\install_id\:\{DB682089-25
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B04ED6780-1C2E
user_pref(keyword.URL, hxxp://go.mail.ru/search?fr=ntg&q=);
Registry: 7
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\amigo (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/10/2016 at 9:30:19,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~