Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

file log Opzioni
luciano999
Inviato: Sunday, September 30, 2012 3:45:39 AM

Rank: AiutAmico

Iscritto dal : 10/20/2010
Posts: 831
ciao gentilmente chi puo' controllare il file log, ho preso un virus che sono riuscito a eliminare,
pero mi sono ritrovato parecchi danni alcuni programmi non si avviano piu',
tipo, crome, firefox, e altri che ora non ricordo.
grazie tante

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:39:59, on 30/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\3 Internet\3 Internet.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnalyzeRP.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\AnalyzeProduct\AS4\Kernel300\AnalyzeRP\AServices.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Productivity 2.2 Toolbar - {e84cc2c1-b722-48fc-a39c-edb8b525c777} - C:\Program Files (x86)\Productivity_2.2\prxtbPro2.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {9a95b751-bf3e-4ea8-a938-2d4d84cd4964} - C:\PROGRA~2\LPHANT~2\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll
O2 - BHO: MyAshampoo - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Productivity 2.2 - {e84cc2c1-b722-48fc-a39c-edb8b525c777} - C:\Program Files (x86)\Productivity_2.2\prxtbPro2.dll
O2 - BHO: UrlHelper Class - {EA35911C-1B6A-4AF3-B803-913BA025C271} - C:\PROGRA~2\LPHANT~2\MediaBar\Datamngr\IEBHO.dll
O3 - Toolbar: Toolbar &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Productivity 2.2 Toolbar - {e84cc2c1-b722-48fc-a39c-edb8b525c777} - C:\Program Files (x86)\Productivity_2.2\prxtbPro2.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: MediaBar - {9a95b751-bf3e-4ea8-a938-2d4d84cd4964} - C:\PROGRA~2\LPHANT~2\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\LPHANT~2\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files (x86)\3 Internet\3 Internet.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AnalyzeRP.exe
O8 - Extra context menu item: Add to Local Website Archive - C:\Users\Luciano\AppData\Roaming\aignes\Local Website Archive\config\iearc.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: Add to Local Website Archive - {205B8A4B-A664-4D86-BBF7-C09464072B44} - C:\Program Files (x86)\Local Website Archive\wsarc_add.exe (HKCU)
O9 - Extra button: (no name) - {32BCE889-1723-4BC9-A81B-27CFBC34A15C} - C:\Program Files (x86)\Local Website Archive\wsarc_add.exe (HKCU)
O9 - Extra 'Tools' menuitem: Add to Local Website Archive - {32BCE889-1723-4BC9-A81B-27CFBC34A15C} - C:\Program Files (x86)\Local Website Archive\wsarc_add.exe (HKCU)
O9 - Extra button: Start Local Website Archive - {81558020-02B7-4088-B207-88CBC1066485} - C:\Program Files (x86)\Local Website Archive\wsarc.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE509428-C72C-42BF-8477-9223D0421CD5}: NameServer = 62.13.173.92 62.13.173.93
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: c:\progra~2\lphant~2\mediabar\datamngr\datamngr.dll c:\progra~2\lphant~2\mediabar\datamngr\iebho.dll c:\progra~2\sprote~1\sprote~1.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14510 bytes
Sponsor
Inviato: Sunday, September 30, 2012 3:45:39 AM

 
shapiro
Inviato: Sunday, September 30, 2012 9:30:47 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao hai una marea di schifezze tra toolbar ed altro

riesegu hjt metti la spunta nelle caselle corrispondenti e premi FIX CHECKED

Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/


prova a fare questa scansione

scarica adwcleaner scegli l'opzione delete e posta il risultato

Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(non installare la recovery console)
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.

N.B. - I programmi devi avviarli col tasto destro e come amministratore
luciano999
Inviato: Sunday, September 30, 2012 10:48:30 PM

Rank: AiutAmico

Iscritto dal : 10/20/2010
Posts: 831
Ciao grazie per l'aiuto, posto i risultati adwclinner

# AdwCleaner v2.003 - Logfile created 09/30/2012 at 22:42:11
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Luciano - LUCIANO-PC
# Boot Mode : Normal
# Running from : C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBQUYXO1\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\searchplugins\SearchResults.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Crawler
Folder Deleted : C:\Program Files (x86)\MyAshampoo
Folder Deleted : C:\Program Files (x86)\Productivity_2.2
Folder Deleted : C:\Program Files (x86)\uTorrentBar_IT
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\Luciano\AppData\Local\Conduit
Folder Deleted : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Luciano\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Luciano\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Users\Luciano\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Luciano\AppData\LocalLow\Productivity_2.2
Folder Deleted : C:\Users\Luciano\AppData\LocalLow\uTorrentBar_IT
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\Conduit
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\ConduitCommon
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\CT2475029
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\CT2851640
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\extensions\ffxtlbr@babylon.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Productivity_2.2
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_IT
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3655BCAA-DDE5-4D19-8A3B-4A8A6F891565}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93169EC6-0D20-488C-AA20-1B25726E1DF4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94C72F1B-FE08-4F62-AD00-21D9E33AD4C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851640
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2903601
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3655BCAA-DDE5-4D19-8A3B-4A8A6F891565}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{93169EC6-0D20-488C-AA20-1B25726E1DF4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{94C72F1B-FE08-4F62-AD00-21D9E33AD4C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\Software\Productivity_2.2
Key Deleted : HKLM\Software\uTorrentBar_IT
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3655BCAA-DDE5-4D19-8A3B-4A8A6F891565}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{93169EC6-0D20-488C-AA20-1B25726E1DF4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94C72F1B-FE08-4F62-AD00-21D9E33AD4C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D317B59-0385-42FF-B740-A4E595D46860}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E9DAAEF-7EF2-4C18-AC95-2BB3E1703142}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D68041-9E18-4E73-BA7C-C0B3C75F8CA4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B7AC63B-0C88-4301-AD89-27C479849591}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA799CFD-1F3D-408E-B6F6-0718535D242F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC694DA3-CCA0-45EA-8D5F-858A21A79C04}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.2 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v6.0.1 (it)

Profile name : default
File : C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\prefs.js

C:\Users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\user.js ... Deleted !

Deleted : user_pref("CT2475029..clientLogIsEnabled", true);
Deleted : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481020.alertChannelId", "874426");
Deleted : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481024.alertChannelId", "874430");
Deleted : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481025.alertChannelId", "874431");
Deleted : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481029.alertChannelId", "874435");
Deleted : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481031.alertChannelId", "874437");
Deleted : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481032.alertChannelId", "874438");
Deleted : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481033.alertChannelId", "874439");
Deleted : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481034.alertChannelId", "874440");
Deleted : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481035.alertChannelId", "874441");
Deleted : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Deleted : user_pref("CT2475029.CT2481037.alertChannelId", "874443");
Deleted : user_pref("CT2475029.CTID", "CT2475029");
Deleted : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Thu Dec 22 2011 22:02:55 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2475029.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Deleted : user_pref("CT2475029.CommunityChanged", true);
Deleted : user_pref("CT2475029.CurrentServerDate", "15-11-2011");
Deleted : user_pref("CT2475029.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2475029.DialogsGetterLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Eur[...]
Deleted : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu Dec 22 2011 22:02:55 GMT+0100 (ora sola[...]
Deleted : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201069983");
Deleted : user_pref("CT2475029.DownloadReferralCookieData", "");
Deleted : user_pref("CT2475029.FeedLastCount129133095456874337", 400);
Deleted : user_pref("CT2475029.FeedLastCount6244576562585401993", 810);
Deleted : user_pref("CT2475029.FeedPollDate129132307482029379", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129132307482029381", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129132307482029382", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129133095459686870", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129133095459686871", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687146", "Thu Dec 22 2011 22:02:59 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687147", "Thu Dec 22 2011 22:02:59 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129137437659687148", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602500", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602506", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602512", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602518", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602524", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214602530", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603404", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603410", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603416", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603422", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603428", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603434", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603440", "Fri Apr 29 2011 04:08:42 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603446", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603452", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603458", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603464", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603470", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603476", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603482", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603488", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214603494", "Fri Apr 29 2011 04:08:43 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758786", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758792", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758798", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758804", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758810", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758816", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758822", "Fri Apr 29 2011 04:08:44 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758828", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758834", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758840", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758846", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758852", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758858", "Fri Apr 29 2011 04:08:45 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758864", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758870", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758876", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758882", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758888", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758894", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758900", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758906", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758912", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758918", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758924", "Fri Apr 29 2011 04:08:46 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758930", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758936", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758942", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758948", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758954", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedPollDate129255180214758960", "Fri Apr 29 2011 04:08:47 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Deleted : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Deleted : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Deleted : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Deleted : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603434", 10);
Deleted : user_pref("CT2475029.FeedTTL129255180214603482", 60);
Deleted : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Deleted : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Deleted : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Deleted : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Deleted : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Deleted : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Deleted : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Deleted : user_pref("CT2475029.FirstServerDate", "2-2-2011");
Deleted : user_pref("CT2475029.FirstTime", true);
Deleted : user_pref("CT2475029.FirstTimeFF3", true);
Deleted : user_pref("CT2475029.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2475029.GroupingLastCheckTime", "Thu Dec 22 2011 22:02:55 GMT+0100 (ora solare Europa o[...]
Deleted : user_pref("CT2475029.GroupingLastErrorCode", "");
Deleted : user_pref("CT2475029.GroupingLastResponse", false);
Deleted : user_pref("CT2475029.GroupingLastServerUpdateTime", "129621096970000000");
Deleted : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2475029.HasUserGlobalKeys", true);
Deleted : user_pref("CT2475029.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2475029.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CT2475029.Initialize", true);
Deleted : user_pref("CT2475029.InitializeCommonPrefs", true);
Deleted : user_pref("CT2475029.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2475029.InstallationId", "MyAshampoo.exe");
Deleted : user_pref("CT2475029.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2475029.InstalledDate", "Wed Feb 02 2011 18:11:32 GMT+0100 (ora solare Europa occidenta[...]
Deleted : user_pref("CT2475029.InvalidateCache", false);
Deleted : user_pref("CT2475029.IsAlertDBUpdated", true);
Deleted : user_pref("CT2475029.IsGrouping", true);
Deleted : user_pref("CT2475029.IsMulticommunity", true);
Deleted : user_pref("CT2475029.IsOpenThankYouPage", true);
Deleted : user_pref("CT2475029.IsOpenUninstallPage", true);
Deleted : user_pref("CT2475029.LanguagePackLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Euro[...]
Deleted : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2475029.LastLogin_3.2.5.2", "Sat Sep 03 2011 22:37:17 GMT+0200 (ora legale Europa occid[...]
Deleted : user_pref("CT2475029.LastLogin_3.6.0.10", "Sun Oct 30 2011 16:50:39 GMT+0100 (ora solare Europa occi[...]
Deleted : user_pref("CT2475029.LastLogin_3.7.0.6", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Europa occid[...]
Deleted : user_pref("CT2475029.LatestVersion", "3.8.0.8");
Deleted : user_pref("CT2475029.Locale", "en");
Deleted : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2475029.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2475029.RadioIsPodcast", false);
Deleted : user_pref("CT2475029.RadioLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare Europa occi[...]
Deleted : user_pref("CT2475029.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2475029.RadioLastUpdateServer", "129054397178370000");
Deleted : user_pref("CT2475029.RadioMediaID", "8915");
Deleted : user_pref("CT2475029.RadioMediaType", "Media Player");
Deleted : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT2475029_RECENT8915");
Deleted : user_pref("CT2475029.RadioShrinked", "expanded");
Deleted : user_pref("CT2475029.RadioStationName", "Radio%20105%20-%20Channel%206%20-%20Latino");
Deleted : user_pref("CT2475029.RadioStationURL", "hxxp://151.1.245.1/17");
Deleted : user_pref("CT2475029.RadioVolume", "100");
Deleted : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2475029.SearchEngineBeforeUnload", "uTorrentBar_IT Customized Web Search");
Deleted : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT247[...]
Deleted : user_pref("CT2475029.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Eu[...]
Deleted : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2475029.SearchProtectorEnabled", false);
Deleted : user_pref("CT2475029.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2475029.ServiceMapLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Europa[...]
Deleted : user_pref("CT2475029.SettingsLastCheckTime", "Thu Dec 22 2011 22:02:55 GMT+0100 (ora solare Europa o[...]
Deleted : user_pref("CT2475029.SettingsLastUpdate", "1317625297");
Deleted : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Thu Dec 22 2011 22:02:54 GMT+0100 (ora solare [...]
Deleted : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Deleted : user_pref("CT2475029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2475029.UserID", "UN01955412767924769");
Deleted : user_pref("CT2475029.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2475029.alertChannelId", "868510");
Deleted : user_pref("CT2475029.backendstorage._fb_dailyactivity", "31323938393332323930303039");
Deleted : user_pref("CT2475029.backendstorage._fb_lifetimesent", "54525545");
Deleted : user_pref("CT2475029.backendstorage.facebbok_user_id", "31353934303734393035");
Deleted : user_pref("CT2475029.backendstorage.facebook_ctid_connect_send", "73656E646564");
Deleted : user_pref("CT2475029.backendstorage.facebook_ctid_connect_send_n", "73656E646564");
Deleted : user_pref("CT2475029.backendstorage.facebook_first_visit", "6E6F744669727374");
Deleted : user_pref("CT2475029.backendstorage.facebook_last_message_choice", "756E72656164");
Deleted : user_pref("CT2475029.backendstorage.facebook_login_status", "31");
Deleted : user_pref("CT2475029.backendstorage.facebook_lust_recievegadet", "");
Deleted : user_pref("CT2475029.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2475029.backendstorage.facebook_toolbar_not_numer", "3936");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_first_login_date", "30322F30332F32303131");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_locale", "6974");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_name", "3078303034432C3078303037352C3078303036332C[...]
Deleted : user_pref("CT2475029.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Deleted : user_pref("CT2475029.backendstorage.facebook_user_token", "3230393834353033353330347C316334623830623[...]
Deleted : user_pref("CT2475029.backendstorage.facebooknotifications", "31");
Deleted : user_pref("CT2475029.backendstorage.hxxp://facebook_conduitapps_com/v3_2_0.facebook_ctid_connect_sen[...]
Deleted : user_pref("CT2475029.backendstorage.hxxp://facebook_conduitapps_com/v3_2_0.facebook_last_visit_tab",[...]
Deleted : user_pref("CT2475029.backendstorage.hxxp://facebook_conduitapps_com/v3_2_1.facebook_ctid_connect_sen[...]
Deleted : user_pref("CT2475029.components.1000034", false);
Deleted : user_pref("CT2475029.components.1000234", false);
Deleted : user_pref("CT2475029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2475029.globalFirstTimeInfoLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora sola[...]
Deleted : user_pref("CT2475029.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.initDone", true);
Deleted : user_pref("CT2475029.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2475029.myStuffEnabled", true);
Deleted : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,111,129584873345514033[...]
Deleted : user_pref("CT2475029.revertSettingsEnabled", true);
Deleted : user_pref("CT2475029.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2475029.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2475029.testingCtid", "");
Deleted : user_pref("CT2475029.toolbarAppMetaDataLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2475029.toolbarContextMenuLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2475029.usagesFlag", 2);
Deleted : user_pref("CT2851640..clientLogIsEnabled", true);
Deleted : user_pref("CT2851640..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2851640..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2851640.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2851640.CTID", "CT2851640");
Deleted : user_pref("CT2851640.CurrentServerDate", "15-11-2011");
Deleted : user_pref("CT2851640.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2851640.DialogsGetterLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solare Eur[...]
Deleted : user_pref("CT2851640.DownloadReferralCookieData", "");
Deleted : user_pref("CT2851640.EMailNotifierPollDate", "Thu Dec 22 2011 22:02:57 GMT+0100 (ora solare Europa o[...]
Deleted : user_pref("CT2851640.FeedLastCount6743962842994482530", 436);
Deleted : user_pref("CT2851640.FeedPollDate129351530198088259", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088265", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088271", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088277", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088283", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088289", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088295", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198088301", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198244557", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198244563", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate129351530198244569", "Mon May 23 2011 01:58:21 GMT+0200 (ora legale[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156812186649977", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813040823546", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813130095866", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813224203613", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813230837251", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813454291735", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813729834876", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156813860870021", "Thu Dec 22 2011 22:03:02 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156814264681793", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156814863075366", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedPollDate2429156815257761081", "Thu Dec 22 2011 22:03:01 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.FeedTTL129351530198088259", 10);
Deleted : user_pref("CT2851640.FeedTTL129351530198088283", 15);
Deleted : user_pref("CT2851640.FeedTTL129351530198088295", 5);
Deleted : user_pref("CT2851640.FeedTTL129351530198244557", 5);
Deleted : user_pref("CT2851640.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2851640.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2851640.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2851640.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2851640.FirstServerDate", "29-4-2011");
Deleted : user_pref("CT2851640.FirstTime", true);
Deleted : user_pref("CT2851640.FirstTimeFF3", true);
Deleted : user_pref("CT2851640.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2851640.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2851640.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2851640.HasUserGlobalKeys", true);
Deleted : user_pref("CT2851640.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2851640.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CT2851640.Initialize", true);
Deleted : user_pref("CT2851640.InitializeCommonPrefs", true);
Deleted : user_pref("CT2851640.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2851640.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2851640.InstalledDate", "Fri Apr 29 2011 04:08:50 GMT+0200 (ora legale Europa occidenta[...]
Deleted : user_pref("CT2851640.IsAlertDBUpdated", true);
Deleted : user_pref("CT2851640.IsGrouping", false);
Deleted : user_pref("CT2851640.IsMulticommunity", false);
Deleted : user_pref("CT2851640.IsOpenThankYouPage", true);
Deleted : user_pref("CT2851640.IsOpenUninstallPage", false);
Deleted : user_pref("CT2851640.LanguagePackLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Euro[...]
Deleted : user_pref("CT2851640.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2851640.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2851640.LastLogin_3.2.5.2", "Sat Sep 03 2011 22:37:19 GMT+0200 (ora legale Europa occid[...]
Deleted : user_pref("CT2851640.LastLogin_3.6.0.10", "Sun Oct 30 2011 16:50:39 GMT+0100 (ora solare Europa occi[...]
Deleted : user_pref("CT2851640.LastLogin_3.7.0.6", "Thu Dec 22 2011 22:02:55 GMT+0100 (ora solare Europa occid[...]
Deleted : user_pref("CT2851640.LatestVersion", "3.8.0.8");
Deleted : user_pref("CT2851640.Locale", "it");
Deleted : user_pref("CT2851640.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2851640.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2851640.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2851640.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2851640.SearchEngineBeforeUnload", "uTorrentBar_IT Customized Web Search");
Deleted : user_pref("CT2851640.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2851640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Deleted : user_pref("CT2851640.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2851640.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2851640.SearchInNewTabLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Eu[...]
Deleted : user_pref("CT2851640.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2851640.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2851640.SearchProtectorEnabled", false);
Deleted : user_pref("CT2851640.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2851640.ServiceMapLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare Europa[...]
Deleted : user_pref("CT2851640.SettingsLastCheckTime", "Thu Dec 22 2011 22:02:54 GMT+0100 (ora solare Europa o[...]
Deleted : user_pref("CT2851640.SettingsLastUpdate", "1313478221");
Deleted : user_pref("CT2851640.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2851640.ThirdPartyComponentsLastCheck", "Thu Dec 22 2011 22:02:56 GMT+0100 (ora solare [...]
Deleted : user_pref("CT2851640.ThirdPartyComponentsLastUpdate", "1291276238");
Deleted : user_pref("CT2851640.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2851640.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851640");
Deleted : user_pref("CT2851640.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2851640.UserID", "UN96700285036440643");
Deleted : user_pref("CT2851640.ValidationData_Search", 2);
Deleted : user_pref("CT2851640.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2851640.WeatherNetwork", "");
Deleted : user_pref("CT2851640.WeatherPollDate", "Thu Dec 22 2011 22:03:02 GMT+0100 (ora solare Europa occiden[...]
Deleted : user_pref("CT2851640.WeatherUnit", "C");
Deleted : user_pref("CT2851640.alertChannelId", "1243675");
Deleted : user_pref("CT2851640.backendstorage.cbfirsttime", "53756E204F637420333020323031312031363A35303A34342[...]
Deleted : user_pref("CT2851640.backendstorage.enableinj", "");
Deleted : user_pref("CT2851640.backendstorage.url_history", "687474703A2F2F7777772E627572676D616E3430302E69742[...]
Deleted : user_pref("CT2851640.backendstorage.url_history_time", "31333230373136343538353236");
Deleted : user_pref("CT2851640.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2851640.globalFirstTimeInfoLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora sola[...]
Deleted : user_pref("CT2851640.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2851640.initDone", true);
Deleted : user_pref("CT2851640.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2851640.myStuffEnabled", true);
Deleted : user_pref("CT2851640.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2851640.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2851640.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2851640.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2851640.oldAppsList", "129351530187150545,129351530187463046,111,1000234,12935153018761[...]
Deleted : user_pref("CT2851640.revertSettingsEnabled", true);
Deleted : user_pref("CT2851640.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2851640.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2851640.testingCtid", "");
Deleted : user_pref("CT2851640.toolbarAppMetaDataLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.toolbarContextMenuLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora solar[...]
Deleted : user_pref("CT2851640.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2851640");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243675/1239348/IT", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/868510/864310/IT", "\"1-205[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874426/870225/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874430/870228/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874431/870229/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874435/870233/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874437/870235/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874438/870236/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874439/870237/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874440/870238/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874441/870239/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874443/870241/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/IT", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2475029", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851640", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851640",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63450132281613[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2475029&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2851640&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2475029/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851640/CT2851640[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/maxi.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play_mi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=it", "\"4c6[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"eee4ba03522161688225[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"8182d902829ad45e6e1[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"49f5137541ff63e41b9[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"4481bf5704d7c39f960[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"00b8077a7e8973f9018[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"8a2b875b1aa16576c69[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"86401b8ba8452a06c9838[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"e83c587366a9bf149773d[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "myashampoo");
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Luciano\\AppData\\Roaming\\Mozilla\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2475029");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "myashampoo");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,CT2851640");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029,CT2851640");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Sep 03 2011 22:37:12 GMT+0200 (ora l[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Sep 03 2011 22:37:12 GMT+0200 (ora legal[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "ae3fd741-db7b-45b0-a9da-13c0a7948c2b");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 (ora[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "aa1e437e-f1c0-4168-89ea-a2d972c5cdaa");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851640");
Deleted : user_pref("CommunityToolbar.killedEngine", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Dec 22 2011 22:03:0[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Dec 22 2011 22:03:04 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.notifications.locale", "");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Dec 22 2011 22:02:56 GMT+0100 (o[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "56a88064-c054-4c0e-b245-6c02cfbd22ad");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 [...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 ([...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Thu Dec 22 2011 22:03:00 GMT+0100 ([...]
Deleted : user_pref("CommunityToolbar.undefined", "");
Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_IT Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.gboxapp.com/?q=");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
Deleted : user_pref("keyword.URL", "hxxp://search.gboxapp.com/?q=");
Deleted : user_pref("browser.newtab.url", "hxxp://isearch.babylon.com/?affID=115131&tt=3812_5&babsrc=NT_iclro&[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [61682 octets] - [30/09/2012 22:41:30]
AdwCleaner[S1].txt - [62963 octets] - [30/09/2012 22:42:11]

########## EOF - C:\AdwCleaner[S1].txt - [63024 octets] ##########
luciano999
Inviato: Sunday, September 30, 2012 11:13:38 PM

Rank: AiutAmico

Iscritto dal : 10/20/2010
Posts: 831
ComboFix 12-09-30.01 - Luciano 30/09/2012 22:57:03.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2480 [GMT 2:00]
Running from: c:\users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01KI92CD\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\cc.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))))
.
.
2012-09-30 21:03 . 2012-09-30 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-30 01:48 . 2012-09-30 01:48 -------- d-----w- c:\program files\Google
2012-09-30 01:48 . 2012-09-30 01:49 -------- d-----w- c:\programdata\Google Updater
2012-09-30 01:02 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-09-30 01:02 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-09-30 01:02 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-09-30 01:02 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-09-30 01:02 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-09-30 01:02 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-09-30 01:02 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-09-30 00:49 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-09-30 00:49 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-09-30 00:46 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-09-30 00:46 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-09-30 00:46 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-09-30 00:46 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-09-30 00:46 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-09-30 00:46 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-09-30 00:43 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-30 00:43 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-09-30 00:43 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-09-30 00:43 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-09-30 00:42 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-09-30 00:41 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-30 00:38 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-09-29 23:54 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F60E2F47-FEA4-4106-BC5D-75E79FC3B79D}\mpengine.dll
2012-09-29 23:22 . 2012-09-30 01:29 -------- d-----w- c:\users\Luciano\AppData\Local\Deployment
2012-09-29 23:22 . 2012-09-29 23:22 -------- d-----w- c:\users\Luciano\AppData\Local\Apps
2012-09-23 02:44 . 2012-09-23 02:44 -------- d-----w- c:\program files (x86)\wxDownload Fast
2012-09-23 02:44 . 2012-09-23 02:44 -------- d-----w- c:\program files (x86)\SProtector
2012-09-23 02:38 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-09-23 02:38 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-09-23 02:37 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-09-23 02:37 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-09-23 02:37 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-09-23 02:37 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-09-23 02:37 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-09-23 02:37 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-09-23 02:37 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-09-23 02:34 . 2012-09-23 02:34 -------- d-----w- c:\users\Luciano\AppData\Roaming\ExpressFiles
2012-09-19 16:36 . 2012-09-19 16:36 -------- d-----w- c:\users\Luciano\AppData\Local\Canon Easy-PhotoPrint EX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 22:43 . 2011-02-18 20:39 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 09:13 . 2011-05-22 22:03 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-01-09 19:51 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-01-09 19:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-05-11 09:49 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-01-09 19:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-01-09 19:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-01-09 19:51 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-01-09 19:51 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-01-15 03:25 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9a95b751-bf3e-4ea8-a938-2d4d84cd4964}]
2011-05-30 14:44 87488 ----a-w- c:\progra~2\LPHANT~2\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EA35911C-1B6A-4AF3-B803-913BA025C271}]
2011-08-09 13:13 1235352 ----a-w- c:\progra~2\LPHANT~2\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9a95b751-bf3e-4ea8-a938-2d4d84cd4964}"= "c:\progra~2\LPHANT~2\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll" [2011-05-30 87488]
.
[HKEY_CLASSES_ROOT\clsid\{9a95b751-bf3e-4ea8-a938-2d4d84cd4964}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Mobile Partner"="c:\program files (x86)\3 Internet\3 Internet.exe" [2011-01-09 110592]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-01-12 592616]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-07-01 296096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AnalyzeRP.exe [2010-12-8 419723]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\LPHANT~2\MediaBar\Datamngr\datamngr.dll c:\progra~2\LPHANT~2\MediaBar\Datamngr\IEBHO.dll
.
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [x]
R2 gupdate;Servizio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 246224]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [2010-09-02 119680]
R3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys [2010-09-02 135168]
R3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys [2010-09-02 119680]
R3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys [2010-09-02 119680]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-04-05 341296]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2010-09-28 301024]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\GBoxUpdaterTask{890E9C0E-E1BE-4832-B1F4-89B1CA3A0DF7}.job
- c:\programdata\Premium\GBox\GBox.exe [2012-09-23 12:31]
.
2012-09-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-30 01:48]
.
2012-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27 01:23]
.
2012-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27 01:23]
.
2012-09-30 c:\windows\Tasks\WxDFastUpdaterTask{CDFEF98B-F92A-4D27-B9AD-2F65B54D9EDC}.job
- c:\programdata\Premium\WxDFast\WxDFast.exe [2012-09-23 12:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\LPHANT~2\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\LPHANT~2\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Local Website Archive - c:\users\Luciano\AppData\Roaming\aignes\Local Website Archive\config\iearc.htm
IE: Crawler Search
IE: Download with &Media Finder
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: Interfaces\{AE509428-C72C-42BF-8477-9223D0421CD5}: NameServer = 62.13.173.92 62.13.173.93
FF - ProfilePath - c:\users\Luciano\AppData\Roaming\Mozilla\Firefox\Profiles\nai463kg.default\
FF - prefs.js: browser.search.selectedEngine - GadgetBox
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-30 23:07:46
ComboFix-quarantined-files.txt 2012-09-30 21:07
.
Pre-Run: 40.850.939.904 byte disponibili
Post-Run: 43.106.557.952 byte disponibili
.
- - End Of File - - 6BA88658467075A707230F8A9ACD5A19
luciano999
Inviato: Sunday, September 30, 2012 11:40:45 PM

Rank: AiutAmico

Iscritto dal : 10/20/2010
Posts: 831
Dopo le scansioni con combo, e clinner sembra che tutto e tornato a funzionare,
funziona crome, firefox, e non vedo piu' errori.

Solo non saprei se il caso e risolto, o se a livello piu' profondo sono rimaste delle tracce di virus ????

intanto grazie per l'aiuto ricevuto
luciano999
Inviato: Tuesday, October 02, 2012 2:11:01 PM

Rank: AiutAmico

Iscritto dal : 10/20/2010
Posts: 831
Ciao non ho avuto piu risposta riguardo al log postato
grazie per le risposte
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.