Comment: Pierre, I'm sending you JRT again, I don't know if you received it
Fernand
as well as the Malware report
Document format: text/plain
Preview
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by fernand (Administrator) on 27/12/2016 at 15:26:37,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 14
Failed to delete: C:\Users\fernand\AppData\Local\A776EEAB-1482852158-96F7-1A43-74D02B99725F (Folder)
Successfully deleted: C:\ProgramData\searchmodule (Folder)
Successfully deleted: C:\Users\fernand\AppData\Local\browserair (Folder)
Successfully deleted: C:\Users\fernand\Appdata\LocalLow\company (Folder)
Successfully deleted: C:\Users\fernand\AppData\Roaming\browsers (Folder)
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\Invalidprefs.js (File)
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\searchplugins\smod.xml (File)
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\searchplugins\trovi.xml (File)
Successfully deleted: C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\user.js (File)
Successfully deleted: C:\Users\fernand\AppData\Roaming\spi (Folder)
Successfully deleted: C:\WINDOWS\system32\drivers\cherimoya.sys (File)
Successfully deleted: C:\WINDOWS\system32\Tasks\SMW_UpdateTask_Time_3438303737353231382d3755556c415a505757414a34 (Task)
Successfully deleted: C:\WINDOWS\SysWOW64\findit.xml (File)
Successfully deleted: C:\Program Files (x86)\hdwallpaper (Folder)
Deleted the following from C:\Users\fernand\AppData\Roaming\Mozilla\Firefox\Profiles\04iduxuy.default-1481252859664\prefs.js
user_pref(browser.search.searchengine.hp, hxxp://www.trotux.com/?z=d3d12680e93a75cf67c3846gazab6o3m2wcc7w9c5c&from=clc&uid=SanDiskXSSDXU100X256GB_130554400800&type=hp);
user_pref(browser.search.searchengine.sp, hxxp://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=SanDiskXSSDXU100X256GB_130554400800&z=d3d12680e93a75cf67c3846ga
user_pref(browser.search.searchengine.uid, SanDiskXSSDXU100X256GB_130554400800);
user_pref(browser.search.searchengine.url, hxxp://www.trotux.com/search/?from=clc&q={searchTerms}&type=sp&uid=SanDiskXSSDXU100X256GB_130554400800&z=d3d12680e93a75cf67c3846g
user_pref(browser.urlbar.suggest.searches, true);
Registry: 19
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\39785243-D64E-4E6A-8D47-8AE3346905B2 (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\cherimoya (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\GoogleChromeUpService (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\ProntSpooler (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SMUpd (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SMUpdd (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E290A5C-BCC6-4973-8D0F-800B3733CFD5} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9211B66D-AA1B-4BD0-bF35-65E6C6E5F23F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9211B66D-AA1B-4BD0-bF35-65E6C6E5F23F} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/12/2016 at 15:40:58,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~