Home News Guide Hardware Download Forum Glossario

Condividi:        

Virus .exe

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Regole del forum
Rispondi al post

Virus .exe

Postdi Riky93 » 04/10/13 17:52

Buonasera,
non so che titolo mettere..scusate!!
Ho un problema riguardante un virus e un mio amico mi ha consigliato questo sito per vedere se è possibile trovare una soluzione..intanto ringrazio tutti per l'attenzione che porrete a questa mia domanda e vi ringrazio per l'impegno che metterete per rispondermi e aiutarmi...Grazie!!!!!!
...allora il mio problema è che nel hdd esterno da 1 tera avevo dei file. Un giorno inserendolo mi è venuto fuori avg e mi segnalava che avevo dei virus sull'hdd, dei virus con il nome della cartella e poi .exe..per esempio "dati.exe". Avg mi ha tolto i virus ma ora non vedo più le cartelle, occupano la memoria nell'hdd, ma non compaiono visivamente!! c'è un modo abbastanza facile per recuperarle oppure devo formattare l'hdd?? e poi, formattandolo sono sicuro che non possano rimanere dei virus?? Quest'ultima domanda mi serve anche come conoscenza per il futuro..quando dovrò formattare qualcosa..
Poi questo mi accade anche nel pc portatile, si è infettato, ma quando mi toglie i virusi .exe riesco lo stesso a vedere le cartelle, che dovrei fare?? far andare combofix??
Vi servono ulteriori info, delle foto sul problema..fate sapere!!
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top
Sponsor
 

Re: Virus .exe

Postdi Luke57 » 05/10/13 10:38

Ciao, scarica otl.exe sul desktop
http://oldtimer.geekstogo.com/OTL.exe
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.

A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt) che dovrai inserire qui:
http://wikisend.com/
per poterli vedere
(Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum).
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10
Top

Re: Virus .exe

Postdi Riky93 » 05/10/13 12:27

Questo procedimento devo farlo sia per il portatile sia per l'hdd esterno??
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Riky93 » 05/10/13 13:32

Ecco..cmq ora vedo come cartelle nascoste, le cartelle sull'hdd esterno!!
I link:
Extras.Txt
OTL.Txt

Attendo tue/vostre notizie!!
Comunque volevo dirvi che il problema l'ho riscontrato a fine febbraio.
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Luke57 » 05/10/13 15:10

Ciao, scarica adwcleaner
http://general-changelog-team.fr/en/dow ... adwcleaner
salvalo sul desktop, avvialo, clicca su ELIMINA e posta il log che si formerà dopo il riavvio.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10
Top

Re: Virus .exe

Postdi Riky93 » 05/10/13 15:35

è in inglese...devo fare "clean" o "report" o "uninstall"??
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Riky93 » 05/10/13 17:06

Ciao,
ho provato a fare "Clean" però mi è uscito Avg (lascio il link della segnalazione) proprio quando stava per iniziare a cancellare quello che avevo trovato, così ho cliccato "Proteggimi" e mi ha cancellato AdwCleaner.
Poi l'ho reinstallato usando il tuo link, e appena lo aprivo mi usciva Avg così ho cliccato "Permetti". E la schermata uscita l'ho salvata come AdwCleaner 2.
Devo lo stesso procedere con "clean"?

AdwCleaner.JPG
AdwCleaner 2.JPG
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Luke57 » 06/10/13 17:00

Ciao, sì, poi al riavvio, salva il report di file testo che si apre automaticamente, copia il suo contenuto e inseriscilo in un post.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10
Top

Re: Virus .exe

Postdi Riky93 » 06/10/13 18:07

Ecco..nell'hdd esterno mi sembra non scoprisse nulla..

# AdwCleaner v3.006 - Report created 06/10/2013 at 18:49:46
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : utente - CB22553DBB44452
# Running from : C:\Documents and Settings\utente\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc
[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Menu Avvio\Programmi\PriceGong
Folder Deleted : C:\Programmi\~BabylonToolbar
Folder Deleted : C:\Programmi\1ClickDownload
Folder Deleted : C:\Programmi\AVG Secure Search
Folder Deleted : C:\Programmi\BrowserCompanion
Folder Deleted : C:\Programmi\Conduit
Folder Deleted : C:\Programmi\fbphotozoom
Folder Deleted : C:\Programmi\Funmoods
Folder Deleted : C:\Programmi\PriceGong
Folder Deleted : C:\Programmi\Searchprotect
Folder Deleted : C:\Programmi\SweetIM
Folder Deleted : C:\Programmi\Yontoo
Folder Deleted : C:\Programmi\File comuni\AVG Secure Search
Folder Deleted : C:\WINDOWS\system32\ARFC
Folder Deleted : C:\WINDOWS\system32\jmdp
Folder Deleted : C:\WINDOWS\system32\WNLT
Folder Deleted : C:\Documents and Settings\LocalService\Dati applicazioni\Searchprotect
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\AVG Secure Search
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Babylon
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Conduit
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\lollipop
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Smartbar
Folder Deleted : C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater
Folder Deleted : C:\DOCUME~1\utente\IMPOST~1\Temp\BabylonToolbar
Folder Deleted : C:\DOCUME~1\utente\IMPOST~1\Temp\Smartbar
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\AVG Secure Search
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Babylon
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\BabylonToolbar
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Funmoods
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\OpenCandy
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\PriceGong
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Searchprotect
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Smartbar
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Extensions\bbrs_002@blabbers.com
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Extensions\ffxtlbr@funmoods.com
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\Extensions\plugin@yontoo.com.xpi
File Deleted : C:\END
File Deleted : C:\WINDOWS\system32\dmwu.exe
File Deleted : C:\WINDOWS\system32\ImhxxpComm.dll
File Deleted : C:\Documents and Settings\utente\Desktop\Search The Web.url
File Deleted : C:\Programmi\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Programmi\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\searchplugins\funmoods.xml
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\searchplugins\MyStart Search.xml
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\searchplugins\MyStart.xml
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\searchplugins\Web Search.xml
File Deleted : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Browser companion helper]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\Samsung\Samsung New PC Studio\npsasvr.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\Samsung\Samsung New PC Studio\npsvsvr.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\ARFC\wrtc.exe]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\bbrs_002.tb
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\lollipop
Key Deleted : HKCU\Software\Offerbox
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Funmoods
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\wnlt
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wnlt
Product Deleted : Internet Explorer Toolbar 4.6 by SweetPacks
Product Deleted : Update Manager for SweetPacks 1.1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v24.0 (it)

[ File : C:\Documents and Settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\xxwihrrg.default\prefs.js ]

Line Deleted : user_pref("CT3205709.1000082.isDisplayHidden", "true");
Line Deleted : user_pref("CT3205709.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3205709.CBOpenMAMSettings.enc", "MA==");
Line Deleted : user_pref("CT3205709.CT3205709ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyNzkyNjElMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMiV1MjVDRkhhaSUyMCUyODIlMjklMjBNZXNzYWdnaSUyMGQldTIwMTlhbW9yZSV1MjVDRiUyMi[...]
Line Deleted : user_pref("CT3205709.CT3205709current_term.enc", "AA==");
Line Deleted : user_pref("CT3205709.CT3205709sdate.enc", "MTM=");
Line Deleted : user_pref("CT3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.FirstTime", "true");
Line Deleted : user_pref("CT3205709.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3205709.InstallDate", "13/1/2013 12:04:34");
Line Deleted : user_pref("CT3205709.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT3205709.RevertSettingsEnabled", true);
Line Deleted : user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&CUI=SB_CUI&q=");
Line Deleted : user_pref("CT3205709.UserID", "UN83060068889864526");
Line Deleted : user_pref("CT3205709.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3205709.autoDisableScopes", 14);
Line Deleted : user_pref("CT3205709.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3205709.cbfirsttime.enc", "U3VuIEphbiAxMyAyMDEzIDEyOjIzOjAzIEdNVCswMTAwIChvcmEgc29sYXJlIEV1cm9wYSBvY2NpZGVudGFsZSk=");
Line Deleted : user_pref("CT3205709.defaultSearch", "true");
Line Deleted : user_pref("CT3205709.embeddedsData", "[{\"appId\":\"129780988072000786\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3205709.enableAlerts", "always");
Line Deleted : user_pref("CT3205709.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3205709.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3205709.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3205709.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3205709.fixUrls", true);
Line Deleted : user_pref("CT3205709.installId", "stub.exe");
Line Deleted : user_pref("CT3205709.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3205709.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3205709.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3205709.keyword", true);
Line Deleted : user_pref("CT3205709.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3205709&octid=CT3205709&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1\"}");
Line Deleted : user_pref("CT3205709.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BrotherSoftExtreme3.OurT[...]
Line Deleted : user_pref("CT3205709.openThankYouPage", "false");
Line Deleted : user_pref("CT3205709.openUninstallPage", "true");
Line Deleted : user_pref("CT3205709.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"01\\\\/13\\\\/2013 14\\\"}\"}");
Line Deleted : user_pref("CT3205709.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3205709.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3205709.search.searchAppId", "129780988072000786");
Line Deleted : user_pref("CT3205709.search.searchCount", "0");
Line Deleted : user_pref("CT3205709.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3205709\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BrotherSoftExtreme3.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BrotherSoft Extreme3\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3205709.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1358076175202");
Line Deleted : user_pref("CT3205709.serviceLayer_services_appsMetadata_lastUpdate", "1358080698688");
Line Deleted : user_pref("CT3205709.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1358076177193");
Line Deleted : user_pref("CT3205709.serviceLayer_services_login_10.13.511.2_lastUpdate", "1358076172009");
Line Deleted : user_pref("CT3205709.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1358076177438");
Line Deleted : user_pref("CT3205709.serviceLayer_services_searchAPI_lastUpdate", "1358076167717");
Line Deleted : user_pref("CT3205709.serviceLayer_services_serviceMap_lastUpdate", "1358076159116");
Line Deleted : user_pref("CT3205709.serviceLayer_services_toolbarContextMenu_lastUpdate", "1358076177297");
Line Deleted : user_pref("CT3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1358080693649");
Line Deleted : user_pref("CT3205709.serviceLayer_services_translation_lastUpdate", "1358076171293");
Line Deleted : user_pref("CT3205709.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1358080693972");
Line Deleted : user_pref("CT3205709.serviceLayer_services_userApps_lastUpdate", "1358080694012");
Line Deleted : user_pref("CT3205709.settingsINI", true);
Line Deleted : user_pref("CT3205709.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3205709.smartbar.CTID", "CT3205709");
Line Deleted : user_pref("CT3205709.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3205709.smartbar.homepage", true);
Line Deleted : user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 ");
Line Deleted : user_pref("CT3205709.toolbarBornServerTime", "13-1-2013");
Line Deleted : user_pref("CT3205709.toolbarCurrentServerTime", "13-1-2013");
Line Deleted : user_pref("CT3205709.toolbarDisabled", "true");
Line Deleted : user_pref("CT3205709.url_history0001.enc", "aHR0cDovL3d3dy5wbWkuaXQvaW1wcmVzYS9jb250YWJpbGl0YS1lLWZpc2NvL3doaXRlcGFwZXIvNTIyMTIvcmVkZGl0b21ldHJvLTIwMTItbGluZm9ncmFmaWNhLWRpLXBtaS1pdC5odG1sOjo6Y2xpY2to[...]
Line Deleted : user_pref("CT3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1358080588546,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3205709&octid=CT3205709&SearchSource=61&CUI=SB_CUI&UP=SPD682A7E4-4AF5-43A8-8354-3AC656C705A9");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BrotherSoft Extreme3 Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&CUI=SB_CUI&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?barid={E2336026-F572-4D0C-BFCC-75F5C11F1F70}&src=2&crg=3.1010006&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3205709");
Line Deleted : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Dati applicazioni\\AVG Secure Search\\FireFoxExt\\17.0.1.12");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("extensions.BabylonToolbar.SimilarSitesStorage-pid2", "ced3183ee3accfa2");
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=101391");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 6);
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15470");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 6);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1714:52:00");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "24.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 119638007);
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1714:52:00");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101391");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15470");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:52:00");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbr%40babylon.com:1.2.0,ffxtlbr%40funmoods.com:1.5.0,%7Baf344a63-55eb-40e2-87cd-1bafad3a81de%7D:1.1,%7B8A9386B4-E958-4c4c-ADF4-8F26DB3E4829%7D:2.6.10,plugin%[...]
Line Deleted : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "ced3183ee3accfa2");
Line Deleted : user_pref("extensions.funmoods.admin", false);
Line Deleted : user_pref("extensions.funmoods.aflt", "nv1");
Line Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Line Deleted : user_pref("extensions.funmoods.cntry", "");
Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
Line Deleted : user_pref("extensions.funmoods.dfltLng", "EN");
Line Deleted : user_pref("extensions.funmoods.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods.dfltlng", "EN");
Line Deleted : user_pref("extensions.funmoods.dfltsrch", true);
Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods.fmupdtFirst", false);
Line Deleted : user_pref("extensions.funmoods.hdrMd5", "5A9F73AF0C0A09FE49D2A6B98080CE51");
Line Deleted : user_pref("extensions.funmoods.hmpg", true);
Line Deleted : user_pref("extensions.funmoods.hrdid", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.funmoods.id", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.funmoods.instlDay", "15382");
Line Deleted : user_pref("extensions.funmoods.instlRef", "");
Line Deleted : user_pref("extensions.funmoods.instlday", "15382");
Line Deleted : user_pref("extensions.funmoods.instlref", "");
Line Deleted : user_pref("extensions.funmoods.isDcmntCmplt", true);
Line Deleted : user_pref("extensions.funmoods.isdcmntcmplt", false);
Line Deleted : user_pref("extensions.funmoods.keywordurl", "");
Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1618:31:48");
Line Deleted : user_pref("extensions.funmoods.newTab", true);
Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
Line Deleted : user_pref("extensions.funmoods.newtab", true);
Line Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=nv1");
Line Deleted : user_pref("extensions.funmoods.noFFXTlbr", false);
Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods.propectorlck", 105018397);
Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Line Deleted : user_pref("extensions.funmoods.sg", "none");
Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Line Deleted : user_pref("extensions.funmoods.srch", "");
Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Line Deleted : user_pref("extensions.funmoods.stAdmnPrms", true);
Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
Line Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Line Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1618:31:48");
Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.11.1618:31:48");
Line Deleted : user_pref("extensions.funmoods_i.aflt", "nv1");
Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Line Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=nv1");
Line Deleted : user_pref("extensions.funmoods_i.id", "446017fb00000000000000197eab71c0");
Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15382");
Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1618:31:48");
Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Line Deleted : user_pref("extensions.helperbar.Country", "Italy");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.UserID", "af344a63-55eb-40e2-87cd-1bafad3a81de");
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelatedtopics");
Line Deleted : user_pref("extentions.y2layers.installId", "18cfc0b7-80e0-4828-a5f6-c2d410a8e8aa");
Line Deleted : user_pref("extentions.y2layers.lastDnsTest", 372066);
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3205709&octid=CT3205709&SearchSource=61&CUI=SB_CUI&UP=SPD682A7E4-4AF5-43A8-8354-3AC656C705A9,hxxp://search.conduit.com/?cti[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&CUI=SB_CUI&q=");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.google.it/");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.sweetim.com/search.asp?barid={E2336026-F572-4D0C-BFCC-75F5C11F1F70}&src=2&crg=3.1010006&q=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "Google");

*************************

AdwCleaner[R0].txt - [98392 octets] - [05/10/2013 16:32:48]
AdwCleaner[R1].txt - [98442 octets] - [05/10/2013 16:41:32]
AdwCleaner[S0].txt - [49756 octets] - [06/10/2013 18:49:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [49817 octets] ##########
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Luke57 » 07/10/13 17:44

Ciao, esegui una nuova scansione con otl e inserisci in wikisend solo il report otl.txt.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10
Top

Re: Virus .exe

Postdi Riky93 » 07/10/13 18:36

fatto..
OTL.Txt
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Luke57 » 07/10/13 23:36

Ciao, apri otl, nel suo box bianco copia e incolla il seguente script:

:OTL
PRC - C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PService.exe (PService)
SRV - (vToolbarUpdater17.0.12) -- C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe File not found
SRV - (SoftwareUpd) -- C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (PowerOffer Service) -- C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\PosService\Pos.exe (PowerOfferService)
O4 - HKLM..\Run: [Bron-Spizaetus] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PosService] C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PLauncher.exe (PLauncher)
O4 - HKU\.DEFAULT..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Dati applicazioni\SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Dati applicazioni\SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-21-1060284298-1580436667-725345543-1003..\Run: [Tok-Cirrhatus] File not found
O20 - HKLM Winlogon: Shell - ("C:\WINDOWS\sembako-cjzjmpg.exe") - File not found

:Commands
[emptytemp]

Clicca sul pulsante "Run Fix"
Quando il programma ha terminato riavvia il pc, al riavvio rilascirà un log, postalo.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10
Top

Re: Virus .exe

Postdi Riky93 » 08/10/13 19:33

All processes killed
========== OTL ==========
No active process named PService.exe was found!
Service vToolbarUpdater17.0.12 stopped successfully!
Service vToolbarUpdater17.0.12 deleted successfully!
File C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe File not found not found.
Service SoftwareUpd stopped successfully!
Service SoftwareUpd deleted successfully!
File C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe File not found not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll File not found not found.
Service PowerOffer Service stopped successfully!
Service PowerOffer Service deleted successfully!
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\PosService\Pos.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bron-Spizaetus deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PosService deleted successfully.
C:\Documents and Settings\All Users\Documenti\AppData\PoApp\PLauncher.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found.
Registry value HKEY_USERS\S-1-5-21-1060284298-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Tok-Cirrhatus deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:"C:\WINDOWS\sembako-cjzjmpg.exe" deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 21212638 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: utente
->Temp folder emptied: 1067718649 bytes
->Temporary Internet Files folder emptied: 1128514800 bytes
->Java cache emptied: 8725332 bytes
->FireFox cache emptied: 77554410 bytes
->Flash cache emptied: 122885 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2133872 bytes
%systemroot%\System32 .tmp files removed: 2885 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 360156516 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.543,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10082013_202331

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\utente\Impostazioni locali\Temp\The Beatles - not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Così va bene??
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top

Re: Virus .exe

Postdi Riky93 » 20/10/13 16:09

Ora cosa devo fare?? Vi prego di rispondere. Intanto grazie per il tuo aiuto Luke!!
Riky93
Utente Junior
 
Post: 10
Iscritto il: 03/10/13 17:47
Top
Rispondi al post

Torna a Sicurezza e Privacy


Topic correlati a "Virus .exe":

virus spagnolo nel router??
Autore: anm2004 		Forum: Sicurezza e Privacy
Risposte: 1
problema virus allo smart phone
Autore: terrybella 		Forum: Sicurezza e Privacy
Risposte: 8
Virus posta elettronica
Autore: libeccio20 		Forum: Sicurezza e Privacy
Risposte: 5
Problema tasto destro mouse, virus?
Autore: loyvaught 		Forum: Sicurezza e Privacy
Risposte: 1
virus ? spam? o cosa
Autore: loyvaught 		Forum: Sicurezza e Privacy
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 51 ospiti