Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:30, on 9. 4. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
f:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
F:\download\RSIT.exe
C:\Program Files\trend micro\johny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{69D ... 24334F3CE5}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://get.adobe.com/flashplayer/
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre7\bin\jp2ssv.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5954CCDD-DFBF-47C5-A255-4A429D9CD15C}: NameServer = 88.212.8.8,88.212.8.88
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - f:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - f:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 5976 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=F:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=f:\Program Files\VideoLAN\VLC\npvlc.dll
f:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
f:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
f:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\
ffxtlbr@babylon.com
flashbug@coursevector.com
foxyproxy@eric.h.jung
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Program Files\Java\jre7\bin\ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre7\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-08 137752]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2012-02-24 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
f:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-09-29 766536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
F:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2012-02-24 16861184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-01-07 446648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-16 1024000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-08-02 2760704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoSMConfigurePrograms"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\VideoLAN\VLC\vlc.exe"="F:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.0"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"F:\Program Files\Age of Empires\Empires.exe"="F:\Program Files\Age of Empires\Empires.exe:*:Enabled:Age of Empires"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"F:\Program Files\Skype\Phone\Skype.exe"="F:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"VIDC.FPS1"=frapsvid.dll
======List of files/folders created in the last 1 month======
2013-04-09 20:08:28 ----D---- C:\rsit
2013-04-09 20:05:02 ----D---- C:\WINDOWS\temp
2013-04-09 20:05:01 ----A---- C:\ComboFix.txt
2013-04-09 19:57:58 ----A---- C:\WINDOWS\zip.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\SWSC.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\SWREG.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\sed.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\PEV.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\NIRCMD.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\MBR.exe
2013-04-09 19:57:58 ----A---- C:\WINDOWS\grep.exe
2013-04-09 19:57:47 ----AD---- C:\Qoobox
2013-04-09 19:57:34 ----D---- C:\WINDOWS\erdnt
2013-04-09 19:09:34 ----A---- C:\avast_free_antivirus_setup.exe
2013-04-09 18:50:55 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-04-09 18:50:55 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-04-09 18:50:23 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-04-09 18:50:23 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-04-09 18:50:22 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-04-09 18:50:22 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2013-04-09 18:50:21 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-04-09 18:50:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-04-09 18:48:36 ----D---- C:\Program Files\AVAST Software
2013-04-07 13:51:12 ----D---- C:\Program Files\WinHTTrack
2013-04-07 00:56:23 ----D---- C:\backups
2013-04-07 00:54:19 ----A---- C:\HijackThis.exe
2013-04-07 00:52:57 ----D---- C:\ProcessExplorer (1)
2013-04-06 18:17:02 ----A---- C:\WINDOWS\dirOpener.ini
2013-04-04 13:35:54 ----D---- C:\Documents and Settings\johny\Application Data\Eltima Software
2013-04-03 19:24:52 ----D---- C:\Documents and Settings\johny\Application Data\Wireshark
2013-04-03 19:08:03 ----D---- C:\Program Files\WinPcap
2013-04-02 21:48:08 ----D---- C:\Program Files\Opera
2013-03-24 23:20:26 ----D---- C:\Program Files\ManyCam
2013-03-20 23:08:19 ----D---- C:\Documents and Settings\johny\Application Data\Hide IP Speed
2013-03-14 21:26:40 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-03-14 21:26:39 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-03-14 21:22:42 ----D---- C:\Documents and Settings\johny\Application Data\BabSolution
======List of files/folders modified in the last 1 month======
2013-04-09 20:08:30 ----D---- C:\Temp
2013-04-09 20:08:30 ----D---- C:\Program Files\Trend Micro
2013-04-09 20:05:02 ----D---- C:\WINDOWS
2013-04-09 20:04:32 ----SD---- C:\WINDOWS\Tasks
2013-04-09 20:03:56 ----A---- C:\WINDOWS\system.ini
2013-04-09 20:03:50 ----D---- C:\WINDOWS\system32\drivers\etc
2013-04-09 20:02:06 ----D---- C:\WINDOWS\system32\drivers
2013-04-09 20:02:06 ----D---- C:\WINDOWS\system32
2013-04-09 20:02:06 ----D---- C:\WINDOWS\AppPatch
2013-04-09 20:02:03 ----D---- C:\Program Files\Common Files
2013-04-09 19:59:13 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-09 19:58:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-09 19:57:48 ----D---- C:\WINDOWS\Prefetch
2013-04-09 19:16:21 ----SHD---- C:\WINDOWS\Installer
2013-04-09 19:16:20 ----D---- C:\WINDOWS\WinSxS
2013-04-09 19:16:20 ----D---- C:\Config.Msi
2013-04-09 19:15:59 ----HD---- C:\WINDOWS\inf
2013-04-09 18:50:36 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-09 18:48:36 ----RD---- C:\Program Files
2013-04-09 18:48:36 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-04-09 18:10:10 ----D---- C:\Documents and Settings\johny\Application Data\BitTorrent
2013-04-08 23:34:38 ----D---- C:\Documents and Settings\johny\Application Data\Skype
2013-04-02 14:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-03-27 23:21:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-03-25 21:27:16 ----RSD---- C:\WINDOWS\Fonts
2013-03-25 21:10:39 ----D---- C:\Documents and Settings\johny\Application Data\Adobe
2013-03-20 23:07:34 ----A---- C:\WINDOWS\system32\EasyRedirectOff.ini
2013-03-20 23:07:34 ----A---- C:\WINDOWS\system32\EasyRedirect.ini
2013-03-14 22:40:00 ----ASH---- C:\boot.ini
2013-03-14 21:21:55 ----A---- C:\WINDOWS\system32\sqlite3.dll
2013-03-13 21:02:31 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2013-03-07 21576]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-03-07 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-08 1309504]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-02-24 4707328]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-08-10 12160]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2008-08-10 70400]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-11-16 219136]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
S3 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 btkrnl;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2012-02-24 47272]
S3 catchme;catchme; \??\C:\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ManyCam;ManyCam Virtual Webcam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [2012-10-11 34432]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\WINDOWS\system32\drivers\mcaudrv.sys [2013-01-31 22656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2013-02-13 33512]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Sony so0101 ADB Interface; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-04-09 467028]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 MBAMScheduler;MBAMScheduler; f:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-26 116648]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S2 MBAMService;MBAMService; f:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-26 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S4 wampapache;wampapache; E:\wamp\wamp\bin\apache\apache2.2.22\bin\httpd.exe -k runservice []
S4 wampmysqld;wampmysqld; E:\wamp\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld []
-----------------EOF-----------------
Notebook sa niekedy restartuje niesom si isty ci to je HW alebo SW problem.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim CHECK
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim CHECK
Zdravím, pustit si tam ComboFix Ti poradil kdo ?
Tohle fixni v HJT :
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre7\bin\jp2ssv.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
HJT najdeš zde :
C:\Program Files\trend micro\johny.exe
Fix znamená že spustíš HJT
jako admin
v okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem spusť,
objeví se okno kde vlevo dole klikni na Search.
Po té proběhne sken a po jeho skončení na Tebe vypadne log, který mi sem zkopíruj.
Tohle fixni v HJT :
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre7\bin\jp2ssv.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
HJT najdeš zde :
C:\Program Files\trend micro\johny.exe
Fix znamená že spustíš HJT
jako adminv okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem spusť,
objeví se okno kde vlevo dole klikni na Search.
Po té proběhne sken a po jeho skončení na Tebe vypadne log, který mi sem zkopíruj.
Re: Prosim CHECK
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\johny\My Documents\Uninstall.exe
File Found : C:\user.js
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\johny\Application Data\BabSolution
Folder Found : C:\Documents and Settings\johny\Application Data\Babylon
Folder Found : C:\Documents and Settings\johny\Application Data\BabylonToolbar
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\ConduitCommon
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\APN
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\BitTorrentBar
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Program Files\Conduit
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\BitTorrentBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKCU\Software\Microsoft\Babylon
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\Software\BitTorrentBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B7CAA5-9197-4954-B4BB-BA46A7EC310C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF798C9A-77DC-43A4-B81D-0EE61BACFFCA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Found : HKLM\Software\PIP
Key Found : HKU\S-1-5-21-1214440339-1454471165-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1214440339-1454471165-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.5730.13
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/hypercam/{69D6DB25-8 ... 24334F3CE5}
-\\ Mozilla Firefox v15.0.1 (en-US)
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Found : user_pref("CT2790392..clientLogIsEnabled", true);
Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Found : user_pref("CT2790392.CTID", "CT2790392");
Found : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Found : user_pref("CT2790392.DSChangedManually", false);
Found : user_pref("CT2790392.DSInstall", true);
Found : user_pref("CT2790392.DSProtectChoice", true);
Found : user_pref("CT2790392.DSProtectCount", 1);
Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Found : user_pref("CT2790392.DownloadReferralCookieData", "");
Found : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Found : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Found : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Found : user_pref("CT2790392.FirstTime", true);
Found : user_pref("CT2790392.FirstTimeFF3", true);
Found : user_pref("CT2790392.FirstTimeHiddenVer", true);
Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2790392.HPChangedManually", true);
Found : user_pref("CT2790392.HPInstall", true);
Found : user_pref("CT2790392.HPProtectChoice", true);
Found : user_pref("CT2790392.HPProtectCount", 1);
Found : user_pref("CT2790392.HasUserGlobalKeys", true);
Found : user_pref("CT2790392.HomePageProtectorEnabled", false);
Found : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Found : user_pref("CT2790392.Initialize", true);
Found : user_pref("CT2790392.InitializeCommonPrefs", true);
Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Found : user_pref("CT2790392.InstallationType", "XPE");
Found : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Found : user_pref("CT2790392.IsAlertDBUpdated", true);
Found : user_pref("CT2790392.IsGrouping", false);
Found : user_pref("CT2790392.IsInitSetupIni", true);
Found : user_pref("CT2790392.IsMulticommunity", false);
Found : user_pref("CT2790392.IsOpenThankYouPage", false);
Found : user_pref("CT2790392.IsOpenUninstallPage", false);
Found : user_pref("CT2790392.IsProtectorsInit", true);
Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Found : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Found : user_pref("CT2790392.Locale", "en");
Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Found : user_pref("CT2790392.MCDetectTooltipShow", false);
Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2790392.SearchProtectorEnabled", false);
Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Found : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2790392.UserID", "UN97635022403183482");
Found : user_pref("CT2790392.ValidationData_Toolbar", 2);
Found : user_pref("CT2790392.WeatherNetwork", "");
Found : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Found : user_pref("CT2790392.WeatherUnit", "C");
Found : user_pref("CT2790392.alertChannelId", "1182482");
Found : user_pref("CT2790392.approveUntrustedApps", false);
Found : user_pref("CT2790392.autoDisableScopes", -1);
Found : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Found : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Found : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Found : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Found : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Found : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Found : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2790392.backendstorage.cb", "31");
Found : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Found : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Found : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Found : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Found : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Found : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Found : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Found : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Found : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Found : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Found : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2790392.backendstorage.searchappstate", "33");
Found : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Found : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Found : user_pref("CT2790392.components.1000034", false);
Found : user_pref("CT2790392.components.1000234", false);
Found : user_pref("CT2790392.components.129309565073350181", false);
Found : user_pref("CT2790392.components.129309577647413174", false);
Found : user_pref("CT2790392.components.129309578575850709", false);
Found : user_pref("CT2790392.components.129313977501788460", false);
Found : user_pref("CT2790392.components.129526968991422666", false);
Found : user_pref("CT2790392.components.129791371079091292", false);
Found : user_pref("CT2790392.components.129820989550310799", false);
Found : user_pref("CT2790392.components.130059329278017115", false);
Found : user_pref("CT2790392.components.1359634298000", false);
Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2790392.initDone", true);
Found : user_pref("CT2790392.isAppTrackingManagerOn", false);
Found : user_pref("CT2790392.myStuffEnabled", true);
Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
Found : user_pref("CT2790392.revertSettingsEnabled", true);
Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar.babext", "babExt");
Found : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Found : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Found : user_pref("extensions.BabylonToolbar.cntry", "SK");
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Found : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.firstrun", false);
Found : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.instlday", "15607");
Found : user_pref("extensions.BabylonToolbar.instlref", "sst");
Found : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Found : user_pref("extensions.BabylonToolbar.keywordurl", "");
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.lastdp", 24);
Found : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Found : user_pref("extensions.BabylonToolbar.newTab", false);
Found : user_pref("extensions.BabylonToolbar.newtab", "false");
Found : user_pref("extensions.BabylonToolbar.newtaburl", "");
Found : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Found : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Found : user_pref("extensions.BabylonToolbar.sg", "azb");
Found : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Found : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.srcext", "ss");
Found : user_pref("extensions.BabylonToolbar.srch", "");
Found : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Found : user_pref("CT2790392..clientLogIsEnabled", true);
Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Found : user_pref("CT2790392.CTID", "CT2790392");
Found : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Found : user_pref("CT2790392.DSChangedManually", false);
Found : user_pref("CT2790392.DSInstall", true);
Found : user_pref("CT2790392.DSProtectChoice", true);
Found : user_pref("CT2790392.DSProtectCount", 1);
Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Found : user_pref("CT2790392.DownloadReferralCookieData", "");
Found : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Found : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Found : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Found : user_pref("CT2790392.FirstTime", true);
Found : user_pref("CT2790392.FirstTimeFF3", true);
Found : user_pref("CT2790392.FirstTimeHiddenVer", true);
Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2790392.HPChangedManually", true);
Found : user_pref("CT2790392.HPInstall", true);
Found : user_pref("CT2790392.HPProtectChoice", true);
Found : user_pref("CT2790392.HPProtectCount", 1);
Found : user_pref("CT2790392.HasUserGlobalKeys", true);
Found : user_pref("CT2790392.HomePageProtectorEnabled", false);
Found : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Found : user_pref("CT2790392.Initialize", true);
Found : user_pref("CT2790392.InitializeCommonPrefs", true);
Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Found : user_pref("CT2790392.InstallationType", "XPE");
Found : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Found : user_pref("CT2790392.IsAlertDBUpdated", true);
Found : user_pref("CT2790392.IsGrouping", false);
Found : user_pref("CT2790392.IsInitSetupIni", true);
Found : user_pref("CT2790392.IsMulticommunity", false);
Found : user_pref("CT2790392.IsOpenThankYouPage", false);
Found : user_pref("CT2790392.IsOpenUninstallPage", false);
Found : user_pref("CT2790392.IsProtectorsInit", true);
Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Found : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Found : user_pref("CT2790392.Locale", "en");
Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Found : user_pref("CT2790392.MCDetectTooltipShow", false);
Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2790392.SearchProtectorEnabled", false);
Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Found : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2790392.UserID", "UN97635022403183482");
Found : user_pref("CT2790392.ValidationData_Toolbar", 2);
Found : user_pref("CT2790392.WeatherNetwork", "");
Found : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Found : user_pref("CT2790392.WeatherUnit", "C");
Found : user_pref("CT2790392.alertChannelId", "1182482");
Found : user_pref("CT2790392.approveUntrustedApps", false);
Found : user_pref("CT2790392.autoDisableScopes", -1);
Found : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Found : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Found : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Found : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Found : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Found : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Found : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2790392.backendstorage.cb", "31");
Found : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Found : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Found : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Found : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Found : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Found : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Found : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Found : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Found : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Found : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Found : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2790392.backendstorage.searchappstate", "33");
Found : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Found : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Found : user_pref("CT2790392.components.1000034", false);
Found : user_pref("CT2790392.components.1000234", false);
Found : user_pref("CT2790392.components.129309565073350181", false);
Found : user_pref("CT2790392.components.129309577647413174", false);
Found : user_pref("CT2790392.components.129309578575850709", false);
Found : user_pref("CT2790392.components.129313977501788460", false);
Found : user_pref("CT2790392.components.129526968991422666", false);
Found : user_pref("CT2790392.components.129791371079091292", false);
Found : user_pref("CT2790392.components.129820989550310799", false);
Found : user_pref("CT2790392.components.130059329278017115", false);
Found : user_pref("CT2790392.components.1359634298000", false);
Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2790392.initDone", true);
Found : user_pref("CT2790392.isAppTrackingManagerOn", false);
Found : user_pref("CT2790392.myStuffEnabled", true);
Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
Found : user_pref("CT2790392.revertSettingsEnabled", true);
Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar.babext", "babExt");
Found : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Found : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Found : user_pref("extensions.BabylonToolbar.cntry", "SK");
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Found : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.firstrun", false);
Found : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.instlday", "15607");
Found : user_pref("extensions.BabylonToolbar.instlref", "sst");
Found : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Found : user_pref("extensions.BabylonToolbar.keywordurl", "");
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.lastdp", 24);
Found : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Found : user_pref("extensions.BabylonToolbar.newTab", false);
Found : user_pref("extensions.BabylonToolbar.newtab", "false");
Found : user_pref("extensions.BabylonToolbar.newtaburl", "");
Found : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Found : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Found : user_pref("extensions.BabylonToolbar.sg", "azb");
Found : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Found : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.srcext", "ss");
Found : user_pref("extensions.BabylonToolbar.srch", "");
Found : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
-\\ Google Chrome v26.0.1410.43
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.14.1738.0
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [63126 octets] - [09/04/2013 21:10:49]
########## EOF - C:\AdwCleaner[R1].txt - [63187 octets] ##########
***** [Files / Folders] *****
File Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\johny\My Documents\Uninstall.exe
File Found : C:\user.js
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\johny\Application Data\BabSolution
Folder Found : C:\Documents and Settings\johny\Application Data\Babylon
Folder Found : C:\Documents and Settings\johny\Application Data\BabylonToolbar
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\ConduitCommon
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Found : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\APN
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\BitTorrentBar
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Program Files\Conduit
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\BitTorrentBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKCU\Software\Microsoft\Babylon
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\Software\BitTorrentBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B7CAA5-9197-4954-B4BB-BA46A7EC310C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF798C9A-77DC-43A4-B81D-0EE61BACFFCA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Found : HKLM\Software\PIP
Key Found : HKU\S-1-5-21-1214440339-1454471165-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1214440339-1454471165-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.5730.13
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/hypercam/{69D6DB25-8 ... 24334F3CE5}
-\\ Mozilla Firefox v15.0.1 (en-US)
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Found : user_pref("CT2790392..clientLogIsEnabled", true);
Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Found : user_pref("CT2790392.CTID", "CT2790392");
Found : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Found : user_pref("CT2790392.DSChangedManually", false);
Found : user_pref("CT2790392.DSInstall", true);
Found : user_pref("CT2790392.DSProtectChoice", true);
Found : user_pref("CT2790392.DSProtectCount", 1);
Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Found : user_pref("CT2790392.DownloadReferralCookieData", "");
Found : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Found : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Found : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Found : user_pref("CT2790392.FirstTime", true);
Found : user_pref("CT2790392.FirstTimeFF3", true);
Found : user_pref("CT2790392.FirstTimeHiddenVer", true);
Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2790392.HPChangedManually", true);
Found : user_pref("CT2790392.HPInstall", true);
Found : user_pref("CT2790392.HPProtectChoice", true);
Found : user_pref("CT2790392.HPProtectCount", 1);
Found : user_pref("CT2790392.HasUserGlobalKeys", true);
Found : user_pref("CT2790392.HomePageProtectorEnabled", false);
Found : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Found : user_pref("CT2790392.Initialize", true);
Found : user_pref("CT2790392.InitializeCommonPrefs", true);
Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Found : user_pref("CT2790392.InstallationType", "XPE");
Found : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Found : user_pref("CT2790392.IsAlertDBUpdated", true);
Found : user_pref("CT2790392.IsGrouping", false);
Found : user_pref("CT2790392.IsInitSetupIni", true);
Found : user_pref("CT2790392.IsMulticommunity", false);
Found : user_pref("CT2790392.IsOpenThankYouPage", false);
Found : user_pref("CT2790392.IsOpenUninstallPage", false);
Found : user_pref("CT2790392.IsProtectorsInit", true);
Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Found : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Found : user_pref("CT2790392.Locale", "en");
Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Found : user_pref("CT2790392.MCDetectTooltipShow", false);
Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2790392.SearchProtectorEnabled", false);
Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Found : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2790392.UserID", "UN97635022403183482");
Found : user_pref("CT2790392.ValidationData_Toolbar", 2);
Found : user_pref("CT2790392.WeatherNetwork", "");
Found : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Found : user_pref("CT2790392.WeatherUnit", "C");
Found : user_pref("CT2790392.alertChannelId", "1182482");
Found : user_pref("CT2790392.approveUntrustedApps", false);
Found : user_pref("CT2790392.autoDisableScopes", -1);
Found : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Found : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Found : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Found : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Found : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Found : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Found : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2790392.backendstorage.cb", "31");
Found : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Found : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Found : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Found : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Found : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Found : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Found : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Found : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Found : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Found : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Found : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2790392.backendstorage.searchappstate", "33");
Found : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Found : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Found : user_pref("CT2790392.components.1000034", false);
Found : user_pref("CT2790392.components.1000234", false);
Found : user_pref("CT2790392.components.129309565073350181", false);
Found : user_pref("CT2790392.components.129309577647413174", false);
Found : user_pref("CT2790392.components.129309578575850709", false);
Found : user_pref("CT2790392.components.129313977501788460", false);
Found : user_pref("CT2790392.components.129526968991422666", false);
Found : user_pref("CT2790392.components.129791371079091292", false);
Found : user_pref("CT2790392.components.129820989550310799", false);
Found : user_pref("CT2790392.components.130059329278017115", false);
Found : user_pref("CT2790392.components.1359634298000", false);
Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2790392.initDone", true);
Found : user_pref("CT2790392.isAppTrackingManagerOn", false);
Found : user_pref("CT2790392.myStuffEnabled", true);
Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
Found : user_pref("CT2790392.revertSettingsEnabled", true);
Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar.babext", "babExt");
Found : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Found : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Found : user_pref("extensions.BabylonToolbar.cntry", "SK");
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Found : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.firstrun", false);
Found : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.instlday", "15607");
Found : user_pref("extensions.BabylonToolbar.instlref", "sst");
Found : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Found : user_pref("extensions.BabylonToolbar.keywordurl", "");
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.lastdp", 24);
Found : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Found : user_pref("extensions.BabylonToolbar.newTab", false);
Found : user_pref("extensions.BabylonToolbar.newtab", "false");
Found : user_pref("extensions.BabylonToolbar.newtaburl", "");
Found : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Found : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Found : user_pref("extensions.BabylonToolbar.sg", "azb");
Found : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Found : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.srcext", "ss");
Found : user_pref("extensions.BabylonToolbar.srch", "");
Found : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Found : user_pref("CT2790392..clientLogIsEnabled", true);
Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Found : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Found : user_pref("CT2790392.CTID", "CT2790392");
Found : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Found : user_pref("CT2790392.DSChangedManually", false);
Found : user_pref("CT2790392.DSInstall", true);
Found : user_pref("CT2790392.DSProtectChoice", true);
Found : user_pref("CT2790392.DSProtectCount", 1);
Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Found : user_pref("CT2790392.DownloadReferralCookieData", "");
Found : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Found : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Found : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Found : user_pref("CT2790392.FirstTime", true);
Found : user_pref("CT2790392.FirstTimeFF3", true);
Found : user_pref("CT2790392.FirstTimeHiddenVer", true);
Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2790392.HPChangedManually", true);
Found : user_pref("CT2790392.HPInstall", true);
Found : user_pref("CT2790392.HPProtectChoice", true);
Found : user_pref("CT2790392.HPProtectCount", 1);
Found : user_pref("CT2790392.HasUserGlobalKeys", true);
Found : user_pref("CT2790392.HomePageProtectorEnabled", false);
Found : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Found : user_pref("CT2790392.Initialize", true);
Found : user_pref("CT2790392.InitializeCommonPrefs", true);
Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Found : user_pref("CT2790392.InstallationType", "XPE");
Found : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Found : user_pref("CT2790392.IsAlertDBUpdated", true);
Found : user_pref("CT2790392.IsGrouping", false);
Found : user_pref("CT2790392.IsInitSetupIni", true);
Found : user_pref("CT2790392.IsMulticommunity", false);
Found : user_pref("CT2790392.IsOpenThankYouPage", false);
Found : user_pref("CT2790392.IsOpenUninstallPage", false);
Found : user_pref("CT2790392.IsProtectorsInit", true);
Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Found : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Found : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Found : user_pref("CT2790392.Locale", "en");
Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Found : user_pref("CT2790392.MCDetectTooltipShow", false);
Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2790392.SearchProtectorEnabled", false);
Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Found : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Found : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2790392.UserID", "UN97635022403183482");
Found : user_pref("CT2790392.ValidationData_Toolbar", 2);
Found : user_pref("CT2790392.WeatherNetwork", "");
Found : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Found : user_pref("CT2790392.WeatherUnit", "C");
Found : user_pref("CT2790392.alertChannelId", "1182482");
Found : user_pref("CT2790392.approveUntrustedApps", false);
Found : user_pref("CT2790392.autoDisableScopes", -1);
Found : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Found : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Found : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Found : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Found : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Found : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Found : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Found : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2790392.backendstorage.cb", "31");
Found : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Found : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Found : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Found : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Found : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Found : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Found : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Found : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Found : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Found : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Found : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Found : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Found : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2790392.backendstorage.searchappstate", "33");
Found : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Found : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Found : user_pref("CT2790392.components.1000034", false);
Found : user_pref("CT2790392.components.1000234", false);
Found : user_pref("CT2790392.components.129309565073350181", false);
Found : user_pref("CT2790392.components.129309577647413174", false);
Found : user_pref("CT2790392.components.129309578575850709", false);
Found : user_pref("CT2790392.components.129313977501788460", false);
Found : user_pref("CT2790392.components.129526968991422666", false);
Found : user_pref("CT2790392.components.129791371079091292", false);
Found : user_pref("CT2790392.components.129820989550310799", false);
Found : user_pref("CT2790392.components.130059329278017115", false);
Found : user_pref("CT2790392.components.1359634298000", false);
Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2790392.initDone", true);
Found : user_pref("CT2790392.isAppTrackingManagerOn", false);
Found : user_pref("CT2790392.myStuffEnabled", true);
Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
Found : user_pref("CT2790392.revertSettingsEnabled", true);
Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar.babext", "babExt");
Found : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Found : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Found : user_pref("extensions.BabylonToolbar.cntry", "SK");
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Found : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.firstrun", false);
Found : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.instlday", "15607");
Found : user_pref("extensions.BabylonToolbar.instlref", "sst");
Found : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Found : user_pref("extensions.BabylonToolbar.keywordurl", "");
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.lastdp", 24);
Found : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Found : user_pref("extensions.BabylonToolbar.newTab", false);
Found : user_pref("extensions.BabylonToolbar.newtab", "false");
Found : user_pref("extensions.BabylonToolbar.newtaburl", "");
Found : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Found : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Found : user_pref("extensions.BabylonToolbar.sg", "azb");
Found : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Found : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.srcext", "ss");
Found : user_pref("extensions.BabylonToolbar.srch", "");
Found : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Found : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Found : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
-\\ Google Chrome v26.0.1410.43
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.14.1738.0
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [63126 octets] - [09/04/2013 21:10:49]
########## EOF - C:\AdwCleaner[R1].txt - [63187 octets] ##########
Re: Prosim CHECK
Slušnost je odpovídat.Roli píše:Zdravím, pustit si tam ComboFix Ti poradil kdo ?
Znovu spusť AdwCleaner ale tentokrát klikni na Delete,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té na Tebe opět vypadne log který mi sem zkopíruj.
Re: Prosim CHECK
Prepac Roli, nevsimol som si otazku. Neporadil mi to nikto, viem ze je to dobry nastroj na odstranenie malwaru a data mam zalohovane tak som ho spustil.
# AdwCleaner v2.200 - Logfile created 04/09/2013 at 21:36:23
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : johny - ALTY6
# Boot Mode : Normal
# Running from : F:\download\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\johny\My Documents\Uninstall.exe
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\johny\Application Data\BabSolution
Folder Deleted : C:\Documents and Settings\johny\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\johny\Application Data\BabylonToolbar
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\APN
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\BitTorrentBar
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Conduit
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BitTorrentBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B7CAA5-9197-4954-B4BB-BA46A7EC310C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF798C9A-77DC-43A4-B81D-0EE61BACFFCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Deleted : HKLM\Software\PIP
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.5730.13
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/hypercam/{69D6DB25-8 ... 24334F3CE5} --> hxxp://www.google.com
-\\ Mozilla Firefox v15.0.1 (en-US)
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Deleted : user_pref("CT2790392..clientLogIsEnabled", true);
Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Deleted : user_pref("CT2790392.CTID", "CT2790392");
Deleted : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Deleted : user_pref("CT2790392.DSChangedManually", false);
Deleted : user_pref("CT2790392.DSInstall", true);
Deleted : user_pref("CT2790392.DSProtectChoice", true);
Deleted : user_pref("CT2790392.DSProtectCount", 1);
Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Deleted : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Deleted : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Deleted : user_pref("CT2790392.FirstTime", true);
Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Deleted : user_pref("CT2790392.FirstTimeHiddenVer", true);
Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2790392.HPChangedManually", true);
Deleted : user_pref("CT2790392.HPInstall", true);
Deleted : user_pref("CT2790392.HPProtectChoice", true);
Deleted : user_pref("CT2790392.HPProtectCount", 1);
Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Deleted : user_pref("CT2790392.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Deleted : user_pref("CT2790392.Initialize", true);
Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Deleted : user_pref("CT2790392.InstallationType", "XPE");
Deleted : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Deleted : user_pref("CT2790392.IsAlertDBUpdated", true);
Deleted : user_pref("CT2790392.IsGrouping", false);
Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Deleted : user_pref("CT2790392.IsMulticommunity", false);
Deleted : user_pref("CT2790392.IsOpenThankYouPage", false);
Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Deleted : user_pref("CT2790392.IsProtectorsInit", true);
Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Deleted : user_pref("CT2790392.Locale", "en");
Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2790392.MCDetectTooltipShow", false);
Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Deleted : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2790392.SearchProtectorEnabled", false);
Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2790392.UserID", "UN97635022403183482");
Deleted : user_pref("CT2790392.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2790392.WeatherNetwork", "");
Deleted : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Deleted : user_pref("CT2790392.WeatherUnit", "C");
Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Deleted : user_pref("CT2790392.approveUntrustedApps", false);
Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Deleted : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Deleted : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Deleted : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Deleted : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Deleted : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Deleted : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Deleted : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Deleted : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Deleted : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2790392.backendstorage.cb", "31");
Deleted : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Deleted : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Deleted : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Deleted : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Deleted : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Deleted : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2790392.backendstorage.searchappstate", "33");
Deleted : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Deleted : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Deleted : user_pref("CT2790392.components.1000034", false);
Deleted : user_pref("CT2790392.components.1000234", false);
Deleted : user_pref("CT2790392.components.129309565073350181", false);
Deleted : user_pref("CT2790392.components.129309577647413174", false);
Deleted : user_pref("CT2790392.components.129309578575850709", false);
Deleted : user_pref("CT2790392.components.129313977501788460", false);
Deleted : user_pref("CT2790392.components.129526968991422666", false);
Deleted : user_pref("CT2790392.components.129791371079091292", false);
Deleted : user_pref("CT2790392.components.129820989550310799", false);
Deleted : user_pref("CT2790392.components.130059329278017115", false);
Deleted : user_pref("CT2790392.components.1359634298000", false);
Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.initDone", true);
Deleted : user_pref("CT2790392.isAppTrackingManagerOn", false);
Deleted : user_pref("CT2790392.myStuffEnabled", true);
Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.testingCtid", "");
Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Deleted : user_pref("CT2790392.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Deleted : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Deleted : user_pref("extensions.BabylonToolbar.babext", "babExt");
Deleted : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Deleted : user_pref("extensions.BabylonToolbar.cntry", "SK");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.firstrun", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Deleted : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.instlday", "15607");
Deleted : user_pref("extensions.BabylonToolbar.instlref", "sst");
Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Deleted : user_pref("extensions.BabylonToolbar.keywordurl", "");
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar.lastdp", 24);
Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.newtab", "false");
Deleted : user_pref("extensions.BabylonToolbar.newtaburl", "");
Deleted : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Deleted : user_pref("extensions.BabylonToolbar.sg", "azb");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srcext", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srch", "");
Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v26.0.1410.43
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.14.1738.0
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [63257 octets] - [09/04/2013 21:10:49]
AdwCleaner[S1].txt - [38333 octets] - [09/04/2013 21:36:23]
########## EOF - C:\AdwCleaner[S1].txt - [38394 octets] ##########
# AdwCleaner v2.200 - Logfile created 04/09/2013 at 21:36:23
# Updated 02/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : johny - ALTY6
# Boot Mode : Normal
# Running from : F:\download\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Deleted on reboot : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\johny\My Documents\Uninstall.exe
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\johny\Application Data\BabSolution
Folder Deleted : C:\Documents and Settings\johny\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\johny\Application Data\BabylonToolbar
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\CT2790392
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\APN
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\BitTorrentBar
Folder Deleted : C:\Documents and Settings\johny\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Conduit
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BitTorrentBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B7CAA5-9197-4954-B4BB-BA46A7EC310C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF798C9A-77DC-43A4-B81D-0EE61BACFFCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Deleted : HKLM\Software\PIP
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.5730.13
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/hypercam/{69D6DB25-8 ... 24334F3CE5} --> hxxp://www.google.com
-\\ Mozilla Firefox v15.0.1 (en-US)
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
Deleted : user_pref("CT2790392..clientLogIsEnabled", true);
Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
Deleted : user_pref("CT2790392.CTID", "CT2790392");
Deleted : user_pref("CT2790392.CurrentServerDate", "7-4-2013");
Deleted : user_pref("CT2790392.DSChangedManually", false);
Deleted : user_pref("CT2790392.DSInstall", true);
Deleted : user_pref("CT2790392.DSProtectChoice", true);
Deleted : user_pref("CT2790392.DSProtectCount", 1);
Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat Apr 06 2013 17:33:24 GMT+0200 (Central Europe[...]
Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sat Apr 06 2013 17:33:22 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 467);
Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Apr 06 2013 17:33:23 GMT+0200 (Central Eu[...]
Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Deleted : user_pref("CT2790392.FeedTTL129313975698350231", 5);
Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Deleted : user_pref("CT2790392.FirstServerDate", "15-7-2012");
Deleted : user_pref("CT2790392.FirstTime", true);
Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Deleted : user_pref("CT2790392.FirstTimeHiddenVer", true);
Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2790392.HPChangedManually", true);
Deleted : user_pref("CT2790392.HPInstall", true);
Deleted : user_pref("CT2790392.HPProtectChoice", true);
Deleted : user_pref("CT2790392.HPProtectCount", 1);
Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Deleted : user_pref("CT2790392.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=[...]
Deleted : user_pref("CT2790392.Initialize", true);
Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2790392.InstallationId", "fft2D.tmp.exe");
Deleted : user_pref("CT2790392.InstallationType", "XPE");
Deleted : user_pref("CT2790392.InstalledDate", "Sun Jul 15 2012 20:02:59 GMT+0200 (Central Europe Daylight Tim[...]
Deleted : user_pref("CT2790392.IsAlertDBUpdated", true);
Deleted : user_pref("CT2790392.IsGrouping", false);
Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Deleted : user_pref("CT2790392.IsMulticommunity", false);
Deleted : user_pref("CT2790392.IsOpenThankYouPage", false);
Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Deleted : user_pref("CT2790392.IsProtectorsInit", true);
Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe [...]
Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2790392.LastLogin_3.13.0.6", "Wed Jul 25 2012 20:42:02 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT2790392.LastLogin_3.16.0.3", "Sat Feb 09 2013 01:26:14 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT2790392.LastLogin_3.18.0.7", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT2790392.LatestVersion", "3.18.0.7");
Deleted : user_pref("CT2790392.Locale", "en");
Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2790392.MCDetectTooltipShow", false);
Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
Deleted : user_pref("CT2790392.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CT2790392.SearchEngineBeforeUnload", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europ[...]
Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2790392.SearchProtectorEnabled", false);
Deleted : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Sun Apr 07 2013 21:34:14 GMT+0200 (Central Europe Da[...]
Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Sun Apr 07 2013 21:34:13 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT2790392.SettingsLastUpdate", "1365360515");
Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Fri Mar 29 2013 17:15:43 GMT+0100 (Central Eur[...]
Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2790392.UserID", "UN97635022403183482");
Deleted : user_pref("CT2790392.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2790392.WeatherNetwork", "");
Deleted : user_pref("CT2790392.WeatherPollDate", "Sat Apr 06 2013 17:53:24 GMT+0200 (Central Europe Daylight T[...]
Deleted : user_pref("CT2790392.WeatherUnit", "C");
Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Deleted : user_pref("CT2790392.approveUntrustedApps", false);
Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Deleted : user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6B716F6E7172776F");
Deleted : user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737177757477787D75242F4B4947[...]
Deleted : user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
Deleted : user_pref("CT2790392.backendstorage./9b-0?3g>d", "3B3A3E6972406C757A724475492049767E4F257C514F212A23[...]
Deleted : user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Deleted : user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Deleted : user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Deleted : user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6A3F6E693F3F3F407A707479724A4C487D79507A24");
Deleted : user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B6D716E73727673747478");
Deleted : user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F7674737975772A7975727A7B757E78");
Deleted : user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2790392.backendstorage.cb", "31");
Deleted : user_pref("CT2790392.backendstorage.cb_experience_000", "32");
Deleted : user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2790392.backendstorage.cb_user_id_000", "43423431393136373639383437395F3133363134363538[...]
Deleted : user_pref("CT2790392.backendstorage.cbcountry_001", "534B");
Deleted : user_pref("CT2790392.backendstorage.cbfirsttime", "53756E204A756C20313520323031322032303A30333A30342[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333635323632343134323336");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E342E342E36");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333635323632343131323630");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.0.4", "7B22537461747573223A227375636365656465[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]
Deleted : user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
Deleted : user_pref("CT2790392.backendstorage.mam_gk_userid", "30346664646134302D396330332D346534392D626538342[...]
Deleted : user_pref("CT2790392.backendstorage.pg_enable", "74727565");
Deleted : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2790392.backendstorage.searchappstate", "33");
Deleted : user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
Deleted : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7A766564617665632E6F72672F6B6F6[...]
Deleted : user_pref("CT2790392.components.1000034", false);
Deleted : user_pref("CT2790392.components.1000234", false);
Deleted : user_pref("CT2790392.components.129309565073350181", false);
Deleted : user_pref("CT2790392.components.129309577647413174", false);
Deleted : user_pref("CT2790392.components.129309578575850709", false);
Deleted : user_pref("CT2790392.components.129313977501788460", false);
Deleted : user_pref("CT2790392.components.129526968991422666", false);
Deleted : user_pref("CT2790392.components.129791371079091292", false);
Deleted : user_pref("CT2790392.components.129820989550310799", false);
Deleted : user_pref("CT2790392.components.130059329278017115", false);
Deleted : user_pref("CT2790392.components.1359634298000", false);
Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Fri Mar 29 2013 17:15:48 GMT+0100 (Central [...]
Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.initDone", true);
Deleted : user_pref("CT2790392.isAppTrackingManagerOn", false);
Deleted : user_pref("CT2790392.myStuffEnabled", true);
Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2790392.revertSettingsEnabled", true);
Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2790392.testingCtid", "");
Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (Central E[...]
Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Fri Mar 29 2013 17:15:47 GMT+0100 (Central E[...]
Deleted : user_pref("CT2790392.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2790392&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4be[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\johny\\Application[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Deleted : user_pref("CommunityToolbar.globalUserId", "abe9a486-f4f5-4975-9c73-4cd50c2df6ea");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 29 2013 17:15:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Apr 07 2013 21:34:15 GMT+0200 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "6fc7cf72-318e-480a-955f-1136c8b45135");
Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=120912_nocpc_3912_1&babs[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&Sea[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Deleted : user_pref("extensions.BabylonToolbar.babext", "babExt");
Deleted : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Deleted : user_pref("extensions.BabylonToolbar.cntry", "SK");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.firstrun", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "5C2BD987981CDBDDA38A22A81CDD3E70");
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.hrdid", "2c36d1df0000000000000022431c3061");
Deleted : user_pref("extensions.BabylonToolbar.id", "2c36d1df0000000000000022431c3061");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15607");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.instlday", "15607");
Deleted : user_pref("extensions.BabylonToolbar.instlref", "sst");
Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Deleted : user_pref("extensions.BabylonToolbar.keywordurl", "");
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar.lastdp", 24);
Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.newtab", "false");
Deleted : user_pref("extensions.BabylonToolbar.newtaburl", "");
Deleted : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Deleted : user_pref("extensions.BabylonToolbar.sg", "azb");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srcext", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srch", "");
Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112060&tt=120912_nocpc_3912_1");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1221:25:11");
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.5.0,{8f8fe09b-0bd3-4470-bc1b-8cad42b820[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=[...]
File : C:\Documents and Settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v26.0.1410.43
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Documents and Settings\johny\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.14.1738.0
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Documents and Settings\johny\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [63257 octets] - [09/04/2013 21:10:49]
AdwCleaner[S1].txt - [38333 octets] - [09/04/2013 21:36:23]
########## EOF - C:\AdwCleaner[S1].txt - [38394 octets] ##########
Re: Prosim CHECK
No dobrá, ale příště raději opatrně.johny1 píše:Prepac Roli, nevsimol som si otazku. Neporadil mi to nikto, viem ze je to dobry nastroj na odstranenie malwaru a data mam zalohovane tak som ho spustil
Když už jsi ho spustil tak mi sem dej z něho log.
Re: Prosim CHECK
ComboFix 13-04-09.01 - johny . 04. 2013 21:52:14.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2039.1623 [GMT 2:00]
Running from: c:\documents and settings\johny\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2013-03-09 to 2013-04-09 )))))))))))))))))))))))))))))))
.
.
2013-04-09 18:08 . 2013-04-09 18:08 -------- d-----w- C:\rsit
2013-04-09 17:09 . 2013-04-09 17:14 111691960 ----a-w- C:\avast_free_antivirus_setup.exe
2013-04-09 16:50 . 2013-03-06 22:33 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-04-09 16:50 . 2013-03-06 22:33 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-04-09 16:50 . 2013-03-06 22:33 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-04-09 16:50 . 2013-03-06 22:33 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-04-09 16:50 . 2013-03-06 22:33 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-04-09 16:50 . 2013-03-06 22:33 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-04-09 16:50 . 2013-03-06 22:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-04-09 16:50 . 2013-03-06 22:32 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-09 16:48 . 2013-04-09 16:48 -------- d-----w- c:\program files\AVAST Software
2013-04-06 22:56 . 2013-04-06 22:56 -------- d-----w- C:\backups
2013-04-06 22:54 . 2013-04-06 22:54 388608 ----a-w- C:\HijackThis.exe
2013-04-06 22:52 . 2013-04-06 22:52 -------- d-----w- C:\ProcessExplorer (1)
2013-04-04 11:35 . 2013-04-04 11:35 -------- d-----w- c:\documents and settings\johny\Application Data\Eltima Software
2013-04-03 17:08 . 2013-04-04 12:12 -------- d-----w- c:\program files\WinPcap
2013-04-02 19:48 . 2013-04-02 19:48 -------- d-----w- c:\program files\Opera
2013-03-25 16:33 . 2013-03-25 16:33 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Google
2013-03-14 19:26 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-14 19:26 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 19:21 . 2012-07-15 18:14 558133 ----a-w- c:\windows\system32\sqlite3.dll
2013-03-06 23:32 . 2013-02-01 18:34 41664 ----a-w- c:\windows\avastSS.scr
2013-02-13 21:26 . 2012-11-08 17:29 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
2013-01-31 09:50 . 2012-02-22 10:34 22656 ----a-w- c:\windows\system32\drivers\mcaudrv.sys
2013-01-19 14:58 . 2013-01-19 14:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-19 14:58 . 2013-01-19 14:58 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-19 14:58 . 2012-02-24 13:26 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-19 14:58 . 2012-02-20 07:37 143872 ----a-w- c:\windows\system32\javacpl.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-08-10 . 43BBFCC87F3A3F82935C285F51CFB7D7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2008-08-10 . B6F389958D3F7E3C3531341E118FF496 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-08-10 123904]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
2011-01-12 05:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2012-02-24 13:05 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-11-08 14:56 166424 ----a-r- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
2012-09-29 18:54 766536 ----a-w- f:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-06-26 11:10 1516632 ----a-w- f:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2012-02-24 13:05 16861184 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-01-07 11:03 446648 ----a-w- c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-11-16 19:42 1024000 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"f:\\Program Files\\Age of Empires\\Empires.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8080:TCP"= 8080:TCP:www
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/14/2013 9:26 PM 49248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [4/9/2013 6:50 PM 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4/9/2013 6:50 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4/9/2013 6:50 PM 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/9/2013 6:50 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [4/9/2013 6:50 PM 66336]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/25/2010 7:07 PM 35088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/23/2012 4:31 PM 22856]
S2 MBAMService;MBAMService;f:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/23/2012 4:31 PM 676936]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/14/2013 9:26 PM 164736]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [1/11/2012 8:11 AM 34432]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2/22/2012 12:34 PM 22656]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [12/24/2012 10:12 PM 155320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-31 13:30 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-09 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-04-09 22:32]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-26 19:19]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-26 19:19]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/
FF - ProfilePath - c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\
FF - prefs.js: network.proxy.ftp - 212.5.206.209
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 212.5.206.209
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 212.5.206.209
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 212.5.206.209
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-04-03 18:31; firebug@software.joehewitt.com; c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-04-03 18:33; flashbug@coursevector.com; c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\flashbug@coursevector.com
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-WinRAR archiver - c:\documents and settings\johny\My Documents\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-09 21:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2013-04-09 21:57:11
ComboFix-quarantined-files.txt 2013-04-09 19:57
ComboFix2.txt 2013-04-09 18:05
.
Pre-Run: 120 258 560 bytes free
Post-Run: 234 770 432 bytes free
.
- - End Of File - - D43BB5A805794C995712D30F14C1177C
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2039.1623 [GMT 2:00]
Running from: c:\documents and settings\johny\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2013-03-09 to 2013-04-09 )))))))))))))))))))))))))))))))
.
.
2013-04-09 18:08 . 2013-04-09 18:08 -------- d-----w- C:\rsit
2013-04-09 17:09 . 2013-04-09 17:14 111691960 ----a-w- C:\avast_free_antivirus_setup.exe
2013-04-09 16:50 . 2013-03-06 22:33 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-04-09 16:50 . 2013-03-06 22:33 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-04-09 16:50 . 2013-03-06 22:33 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-04-09 16:50 . 2013-03-06 22:33 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-04-09 16:50 . 2013-03-06 22:33 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-04-09 16:50 . 2013-03-06 22:33 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-04-09 16:50 . 2013-03-06 22:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-04-09 16:50 . 2013-03-06 22:32 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-09 16:48 . 2013-04-09 16:48 -------- d-----w- c:\program files\AVAST Software
2013-04-06 22:56 . 2013-04-06 22:56 -------- d-----w- C:\backups
2013-04-06 22:54 . 2013-04-06 22:54 388608 ----a-w- C:\HijackThis.exe
2013-04-06 22:52 . 2013-04-06 22:52 -------- d-----w- C:\ProcessExplorer (1)
2013-04-04 11:35 . 2013-04-04 11:35 -------- d-----w- c:\documents and settings\johny\Application Data\Eltima Software
2013-04-03 17:08 . 2013-04-04 12:12 -------- d-----w- c:\program files\WinPcap
2013-04-02 19:48 . 2013-04-02 19:48 -------- d-----w- c:\program files\Opera
2013-03-25 16:33 . 2013-03-25 16:33 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Google
2013-03-14 19:26 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-14 19:26 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 19:21 . 2012-07-15 18:14 558133 ----a-w- c:\windows\system32\sqlite3.dll
2013-03-06 23:32 . 2013-02-01 18:34 41664 ----a-w- c:\windows\avastSS.scr
2013-02-13 21:26 . 2012-11-08 17:29 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
2013-01-31 09:50 . 2012-02-22 10:34 22656 ----a-w- c:\windows\system32\drivers\mcaudrv.sys
2013-01-19 14:58 . 2013-01-19 14:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-19 14:58 . 2013-01-19 14:58 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-19 14:58 . 2012-02-24 13:26 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-19 14:58 . 2012-02-20 07:37 143872 ----a-w- c:\windows\system32\javacpl.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-08-10 . 43BBFCC87F3A3F82935C285F51CFB7D7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2008-08-10 . B6F389958D3F7E3C3531341E118FF496 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-08-10 123904]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
2011-01-12 05:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2012-02-24 13:05 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-11-08 14:56 166424 ----a-r- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
2012-09-29 18:54 766536 ----a-w- f:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-06-26 11:10 1516632 ----a-w- f:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2012-02-24 13:05 16861184 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-01-07 11:03 446648 ----a-w- c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-11-16 19:42 1024000 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"f:\\Program Files\\Age of Empires\\Empires.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8080:TCP"= 8080:TCP:www
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/14/2013 9:26 PM 49248]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [4/9/2013 6:50 PM 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4/9/2013 6:50 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4/9/2013 6:50 PM 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/9/2013 6:50 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [4/9/2013 6:50 PM 66336]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/25/2010 7:07 PM 35088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/23/2012 4:31 PM 22856]
S2 MBAMService;MBAMService;f:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/23/2012 4:31 PM 676936]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/14/2013 9:26 PM 164736]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [1/11/2012 8:11 AM 34432]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2/22/2012 12:34 PM 22656]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [12/24/2012 10:12 PM 155320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-31 13:30 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-09 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-04-09 22:32]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-26 19:19]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-26 19:19]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://get.adobe.com/flashplayer/
FF - ProfilePath - c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\
FF - prefs.js: network.proxy.ftp - 212.5.206.209
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 212.5.206.209
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 212.5.206.209
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 212.5.206.209
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-04-03 18:31; firebug@software.joehewitt.com; c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-04-03 18:33; flashbug@coursevector.com; c:\documents and settings\johny\Application Data\Mozilla\Firefox\Profiles\e2e8i02n.default\extensions\flashbug@coursevector.com
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-WinRAR archiver - c:\documents and settings\johny\My Documents\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-09 21:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2013-04-09 21:57:11
ComboFix-quarantined-files.txt 2013-04-09 19:57
ComboFix2.txt 2013-04-09 18:05
.
Pre-Run: 120 258 560 bytes free
Post-Run: 234 770 432 bytes free
.
- - End Of File - - D43BB5A805794C995712D30F14C1177C
Re: Prosim CHECK
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Pak dej vědět jaký je stav PC, respektive co ty restarty.
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Pak dej vědět jaký je stav PC, respektive co ty restarty.
Re: Prosim CHECK
Vsetko som vycistil, notebook sa stale obcas restartuje. Na disku su chybne sektory, myslim si ze to je aj tym. Inak ked davam antivirovu kontrolu stroskota prave na chybnych sektoroch kedy aplikacia zamrzne a pocujem ako hlava disku vydava zvlastny zvuk, preto ma trochu znepokojuje ze nemozem urobit kontrolu diskov.
Re: Prosim CHECK
No tak to bych Ti doporučil udělat zálohu důležitých věcí a počítej s tím, že disk může brzy kleknout.johny1 píše:.............. Na disku su chybne sektory, myslim si ze to je aj tym. Inak ked davam antivirovu kontrolu stroskota prave na chybnych sektoroch kedy aplikacia zamrzne a pocujem ako hlava disku vydava zvlastny zvuk, preto ma trochu znepokojuje ze nemozem urobit kontrolu diskov.
Re: Prosim CHECK
Jasne. Este sa ta chcem opytat ake opatrenia odporucas ked sa chcem prihlasit do i-bankingu? Oplati sa mi ist cez nejaku virtual machine ci ani nie?
Přispějete na provoz fóra?