# AdwCleaner v1.410 - Logfile created 02/22/2012 at 11:35:45 # Updated 20/02/2012 by Xplode # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # User : KSIĘGOWA - KSIĘGOWA (Administrator) # Running from : C:\Users\KSIĘGOWA\Desktop\VIRUS\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\KSIĘGOWA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} File Found : C:\Program Files\Mozilla Firefox\.autoreg ***** [Registry] ***** Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.26 (pl) Profile : 6wsh8e2p.default File : C:\Users\KSIĘGOWA\AppData\Roaming\Mozilla\Firefox\Profiles\6wsh8e2p.default\prefs.js Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Found : user_pref("extensions.BabylonToolbar.admin", false); Found : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar.babExt", ""); Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=100482"); Found : user_pref("extensions.BabylonToolbar.bbDpng", 20); Found : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Found : user_pref("extensions.BabylonToolbar.dfltSrch", true); Found : user_pref("extensions.BabylonToolbar.hmpg", true); Found : user_pref("extensions.BabylonToolbar.id", "0a01168b000000000000000000000004"); Found : user_pref("extensions.BabylonToolbar.instlDay", "15363"); Found : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=100482&babsrc=adbar[...] Found : user_pref("extensions.BabylonToolbar.lastDP", 20); Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.178:22:16"); Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6"); Found : user_pref("extensions.BabylonToolbar.newTab", true); Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar.propectorlck", 68291605); Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar.ptch_0717", true); Found : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.178:22:16"); Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "0a01168b000000000000000000000004"); Found : user_pref("extensions.BabylonToolbar_i.id", "0a01168b000000000000000000000004"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15363"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.newTab", false); Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:22:16"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("extensions.RadioRage_4j.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opense[...] -\\ Google Chrome v17.0.963.56 File : C:\Users\KSIĘGOWA\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "homepage": "hxxp://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=0a01168b0000000000000000000[...] ************************* AdwCleaner[R1].txt - [5351 octets] - [22/02/2012 11:35:45] ########## EOF - C:\AdwCleaner[R1].txt - [5479 octets] ##########