# AdwCleaner v2.306 - Log utworzony 27/07/2013 o 13:01:10 # Aktualizacja 19/07/2013 przez Xplode # System operacyjny : Windows Vista (TM) Home Basic Service Pack 2 (32 bits) # Użytkownik : Wadysaw - WADYSAW-PC # Tryb uruchomienia : Normalny # Ścieżka : C:\Users\Wadysaw\Desktop\nie usuwać!! - potrzebne do zniszczenia babylona\adwcleaner.exe # Opcja [Szukaj] ***** [Usługi] ***** ***** [Pliki / Foldery] ***** Folder Znaleziono : C:\Program Files\Protected Search Folder Znaleziono : C:\Program Files\Red Sky Folder Znaleziono : C:\Program Files\Zoomex Folder Znaleziono : C:\ProgramData\Ask Folder Znaleziono : C:\ProgramData\Babylon Folder Znaleziono : C:\ProgramData\Browser Manager Folder Znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango Folder Znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search Folder Znaleziono : C:\Users\Wadysaw\AppData\Local\DownTango Folder Znaleziono : C:\Users\Wadysaw\AppData\LocalLow\SimplyTech Folder Znaleziono : C:\Users\Wadysaw\AppData\Roaming\Babylon Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Menu Start — skrót.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk ( arg. : /prefetch:1 hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : -extoff hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : -extoff hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Infected : C:\Users\Wadysaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://search.certified-toolbar.com?si=41460&shortcut=true&tid=2937) Plik Znaleziono : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\dnxtgv7z.default-1374915078451\BrowserMngr_extensions.sqlite Plik Znaleziono : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\dnxtgv7z.default-1374915078451\browsermngr_prefs.js ***** [Rejestr] ***** Dane Znaleziono : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll Klucz Znaleziono : HKCU\Software\1ClickDownload Klucz Znaleziono : HKCU\Software\AppDataLow\SProtector Klucz Znaleziono : HKCU\Software\BrowserMngr Klucz Znaleziono : HKCU\Software\Conduit Klucz Znaleziono : HKCU\Software\DataMngr Klucz Znaleziono : HKCU\Software\InstallCore Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1 Klucz Znaleziono : HKCU\Software\PrivitizeVPNInstallDates Klucz Znaleziono : HKCU\Software\ProtectedSearch Klucz Znaleziono : HKCU\Software\StartSearch Klucz Znaleziono : HKCU\Software\YahooPartnerToolbar Klucz Znaleziono : HKLM\Software\BrowserMngr Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Prod.cap Klucz Znaleziono : HKLM\Software\Conduit Klucz Znaleziono : HKLM\Software\DataMngr Klucz Znaleziono : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Klucz Znaleziono : HKLM\Software\Iminent Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Klucz Znaleziono : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Klucz Znaleziono : HKLM\SOFTWARE\Software Klucz Znaleziono : HKLM\Software\SProtector Klucz Znaleziono : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Klucz Znaleziono : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Klucz Znaleziono : HKU\S-1-5-21-73736342-2443057462-394513067-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Klucz Znaleziono : HKU\S-1-5-21-73736342-2443057462-394513067-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Wartość Znaleziono : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] ***** [Przeglądarki Internetowe] ***** -\\ Internet Explorer v9.0.8112.16496 [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= -\\ Mozilla Firefox v22.0 (pl) Plik : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\1gam1pz2.default-1374913287830\prefs.js Znaleziono : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_331[...] Plik : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\6jycy6q5.default-1374911139949\prefs.js [OK] Plik w porządku. Plik : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\dnxtgv7z.default-1374915078451\prefs.js Znaleziono : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_331[...] Plik : C:\Users\Wadysaw\AppData\Roaming\Mozilla\Firefox\Profiles\yzq30tcc.default\prefs.js Znaleziono : user_pref("CT1708250.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Znaleziono : user_pref("CT1708250.AllowNonPrivacy", false); Znaleziono : user_pref("CT1708250.CTID", "CT1708250"); Znaleziono : user_pref("CT1708250.Chat.Meebo.ServerLastCheckTime", "Wed Nov 18 2009 16:49:43 GMT+0100"); Znaleziono : user_pref("CT1708250.Chat.Meebo.ServerLastResponseTime", "Wed Nov 18 2009 16:49:44 GMT+0100"); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.2030dff2c5edb1", 43); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.30plusa87dca4f", 44); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.entertainmentc0ed09fb", 1); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.freelunchdesigncommunitychat88b4779c", 12); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.health3693b665", 0); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.musicj375cf270", 11); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.newsxu117b840d", 26); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.recreationab17d1f9", 0); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.spirituality39155c53", 0); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.sports522528d3", 22); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.technology8bb9fd5b", 0); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.teenagers833b8249", 65); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.travel8c2e48db", 4); Znaleziono : user_pref("CT1708250.Chat.Meebo.rooms.videogames2fe066e0", 1); Znaleziono : user_pref("CT1708250.Chat.ServerLastCheckTime", "Wed Nov 18 2009 16:49:39 GMT+0100"); Znaleziono : user_pref("CT1708250.CommunitiesChangesLastCheckTime", "Wed Nov 18 2009 16:49:38 GMT+0100"); Znaleziono : user_pref("CT1708250.CommunityChanged", false); Znaleziono : user_pref("CT1708250.DialogsAlignMode", "LTR"); Znaleziono : user_pref("CT1708250.DownloadDomainsCheckInterval", "168"); Znaleziono : user_pref("CT1708250.DownloadDomainsListLastCheckTime", "Wed Nov 18 2009 16:49:38 GMT+0100"); Znaleziono : user_pref("CT1708250.DownloadDomainsListLastServerUpdateTime", "1201073583"); Znaleziono : user_pref("CT1708250.EMailNotifierPollDate", "Wed Nov 18 2009 16:49:40 GMT+0100"); Znaleziono : user_pref("CT1708250.FirstTime", true); Znaleziono : user_pref("CT1708250.FirstTimeFF3", true); Znaleziono : user_pref("CT1708250.FixPageNotFoundErrors", true); Znaleziono : user_pref("CT1708250.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Znaleziono : user_pref("CT1708250.Initialize", true); Znaleziono : user_pref("CT1708250.InitializeCommonPrefs", true); Znaleziono : user_pref("CT1708250.InvalidateCache", false); Znaleziono : user_pref("CT1708250.IsGrouping", false); Znaleziono : user_pref("CT1708250.IsMulticommunity", true); Znaleziono : user_pref("CT1708250.IsOpenThankYouPage", true); Znaleziono : user_pref("CT1708250.IsOpenUninstallPage", true); Znaleziono : user_pref("CT1708250.LanguagePackLastCheckTime", "Wed Nov 18 2009 16:49:40 GMT+0100"); Znaleziono : user_pref("CT1708250.LanguagePackReloadIntervalMM", 1440); Znaleziono : user_pref("CT1708250.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Znaleziono : user_pref("CT1708250.LastLogin", "Wed Nov 18 2009 16:49:42 GMT+0100"); Znaleziono : user_pref("CT1708250.Locale", "en-us"); Znaleziono : user_pref("CT1708250.LoginCache", "4"); Znaleziono : user_pref("CT1708250.MCDetectTooltipHeight", "83"); Znaleziono : user_pref("CT1708250.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Znaleziono : user_pref("CT1708250.MCDetectTooltipWidth", "295"); Znaleziono : user_pref("CT1708250.RadioIsPodcast", false); Znaleziono : user_pref("CT1708250.RadioLastCheckTime", "Wed Nov 18 2009 16:49:46 GMT+0100"); Znaleziono : user_pref("CT1708250.RadioLastUpdateIPServer", "4"); Znaleziono : user_pref("CT1708250.RadioLastUpdateServer", "128929877726170000"); Znaleziono : user_pref("CT1708250.RadioMediaID", "10082384"); Znaleziono : user_pref("CT1708250.RadioMediaType", "Media Player"); Znaleziono : user_pref("CT1708250.RadioMenuSelectedID", "EBRadioMenu_CT170825010082384"); Znaleziono : user_pref("CT1708250.RadioStationName", "Old%20School%20Rap"); Znaleziono : user_pref("CT1708250.RadioStationURL", "hxxp://www.1club.fm/go/tunein.aspx?station=rapclassics"); Znaleziono : user_pref("CT1708250.SHRINK_TOOLBAR", 1); Znaleziono : user_pref("CT1708250.SearchFromAddressBarIsInit", true); Znaleziono : user_pref("CT1708250.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT170[...] Znaleziono : user_pref("CT1708250.Server", "hxxp://users.conduit.com"); Znaleziono : user_pref("CT1708250.SettingsInvalidateCache", false); Znaleziono : user_pref("CT1708250.SettingsLastUpdate", "1257928961"); Znaleziono : user_pref("CT1708250.ThirdPartyComponentsInterval", "72"); Znaleziono : user_pref("CT1708250.ThirdPartyComponentsLastCheck", "Wed Nov 18 2009 16:49:37 GMT+0100"); Znaleziono : user_pref("CT1708250.ThirdPartyComponentsLastUpdate", "1253889595"); Znaleziono : user_pref("CT1708250.ToolbarAlignMode", "SYSTEM"); Znaleziono : user_pref("CT1708250.ToolbarName", "Free Lunch Design"); Znaleziono : user_pref("CT1708250.UserID", "UN22318929632645446"); Znaleziono : user_pref("CT1708250.VusualLastUpdateTime", "1253889595"); Znaleziono : user_pref("CT1708250.WeatherNetwork", ""); Znaleziono : user_pref("CT1708250.WeatherPollDate", "Wed Nov 18 2009 16:49:42 GMT+0100"); Znaleziono : user_pref("CT1708250.WeatherUnit", "C"); Znaleziono : user_pref("CT1708250.clientLogIsEnabled", false); Znaleziono : user_pref("CT1708250.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Znaleziono : user_pref("CT1708250.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Znaleziono : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Znaleziono : user_pref("CommunityToolbar.ToolbarsList", "CT1708250"); Znaleziono : user_pref("CommunityToolbar.ToolbarsList2", "CT1708250"); Znaleziono : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Znaleziono : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Nov 18 2009 16:49:40 GMT+0100"); Znaleziono : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Znaleziono : user_pref("CommunityToolbar.alert.locale", "en"); Znaleziono : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Znaleziono : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Nov 18 2009 16:49:34 GMT+0100"); Znaleziono : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400"); Znaleziono : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Znaleziono : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Znaleziono : user_pref("CommunityToolbar.alert.showTrayIcon", false); Znaleziono : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Znaleziono : user_pref("CommunityToolbar.alert.userId", "{9ddb2972-0aa7-40b8-8019-26016247e5d7}"); Znaleziono : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_3[...] Znaleziono : user_pref("avg.install.userSPSettings", "Search the web (Babylon)"); Znaleziono : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_3312_4&ba[...] Znaleziono : user_pref("browser.search.defaultengine", "Web Search"); Znaleziono : user_pref("browser.search.defaultenginename", "Web Search"); Znaleziono : user_pref("browser.search.defaultthis.engineName", "Free Lunch Design Customized Web Search"); Znaleziono : user_pref("browser.search.order.1", "Web Search"); Znaleziono : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandext_331[...] Znaleziono : user_pref("extensions.BabylonToolbar_i.newTab", true); Znaleziono : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=12081[...] Znaleziono : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q="); Znaleziono : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsEx[...] Znaleziono : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110819&tt=120812_bandex[...] -\\ Google Chrome v [Nie udało się określić wersji] Plik : C:\Users\Wadysaw\AppData\Local\Google\Chrome\User Data\Default\Preferences Znaleziono [l.8] : homepage = "hxxp://searchab.com/?aff=7&uid=2152b60a-5cb3-11e2-9fc4-001f3ad603c2", Znaleziono [l.225] : homepage = "hxxp://searchab.com/?aff=7&uid=2152b60a-5cb3-11e2-9fc4-001f3ad603c2", ************************* AdwCleaner[R1].txt - [18513 octets] - [27/07/2013 13:01:10] ########## EOF - C:\AdwCleaner[R1].txt - [18574 octets] ##########