# AdwCleaner v3.006 - Report created 02/10/2013 at 16:12:24 # Updated 01/10/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Marcin - MARCIN-KOMPUTER # Running from : C:\Users\Marcin\Desktop\adwcleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found C:\Program Files (x86)\Delta Folder Found C:\ProgramData\Babylon Folder Found C:\ProgramData\BitGuard Folder Found C:\ProgramData\DSearchLink Folder Found C:\Users\Marcin\AppData\Roaming\Babylon ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\BabSolution Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\Delta Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : [x64] HKCU\Software\BabSolution Key Found : [x64] HKCU\Software\DataMngr Key Found : [x64] HKCU\Software\DataMngr_Toolbar Key Found : [x64] HKCU\Software\Delta Key Found : [x64] HKCU\Software\InstallCore Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKLM\SOFTWARE\5f4d88cb63bb843 Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\Software\DataMngr Key Found : HKLM\Software\Delta Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Google Chrome v29.0.1547.76 [ File : C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2782 octets] - [02/10/2013 16:12:24] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2842 octets] ########## # AdwCleaner v3.010 - Log utworzony 21/10/2013 o 20:36:37 # Aktualizacja 20/10/2013 przez Xplode # System operacyjny : Windows 7 Professional Service Pack 1 (64 bits) # Uzytkownik : Marcin - MARCIN-KOMPUTER # Sciezka : C:\Users\Marcin\Downloads\adwcleaner.exe # Opcja : Szukaj ***** [ Uslugi ] ***** Usluga Znaleziono : update whilokii Usluga Znaleziono : Util Whilokii ***** [ Pliki / Foldery ] ***** Folder Znaleziono C:\Program Files (x86)\Whilokii Folder Znaleziono C:\ProgramData\DSearchLink Folder Znaleziono C:\Users\Marcin\AppData\LocalLow\Delta Folder Znaleziono C:\Users\Marcin\AppData\LocalLow\Minibar Plik Znaleziono : C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ojqa32lk.default\bprotector_extensions.sqlite ***** [ Skróty ] ***** Skrót Znaleziono : C:\Users\Marcin\Desktop\Search.lnk ( -url hxxp://www.searchgol.com/?babsrc=DT_ss&mntrId=426E1867B034DFFD&affID=119357&tsp=5020 -wbr 4 ) ***** [ Rejestr ] ***** Klucz Znaleziono : HKCU\Software\AppDataLow\Software\Crossrider Klucz Znaleziono : HKCU\Software\BabSolution Klucz Znaleziono : HKCU\Software\BI Klucz Znaleziono : HKCU\Software\DataMngr Klucz Znaleziono : HKCU\Software\DataMngr_Toolbar Klucz Znaleziono : HKCU\Software\InstallCore Klucz Znaleziono : HKCU\Software\installedbrowserextensions Klucz Znaleziono : HKCU\Software\InstalledThirdPartyPrograms Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} Klucz Znaleziono : HKCU\Software\Whilokii Klucz Znaleziono : [x64] HKCU\Software\BabSolution Klucz Znaleziono : [x64] HKCU\Software\BI Klucz Znaleziono : [x64] HKCU\Software\DataMngr Klucz Znaleziono : [x64] HKCU\Software\DataMngr_Toolbar Klucz Znaleziono : [x64] HKCU\Software\InstallCore Klucz Znaleziono : [x64] HKCU\Software\installedbrowserextensions Klucz Znaleziono : [x64] HKCU\Software\InstalledThirdPartyPrograms Klucz Znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Klucz Znaleziono : [x64] HKCU\Software\Whilokii Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Klucz Znaleziono : HKLM\SOFTWARE\Classes\CrossriderApp0041554.BHO Klucz Znaleziono : HKLM\SOFTWARE\Classes\CrossriderApp0041554.BHO.1 Klucz Znaleziono : HKLM\SOFTWARE\Classes\CrossriderApp0041554.Sandbox Klucz Znaleziono : HKLM\SOFTWARE\Classes\CrossriderApp0041554.Sandbox.1 Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Prod.cap Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{0131533C-F056-4E64-8A9D-B7C0EF342EFD} Klucz Znaleziono : HKLM\Software\DataMngr Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller Klucz Znaleziono : HKLM\Software\Whilokii Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1} Klucz Znaleziono : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Whilokii Wartosc Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs] ***** [ Przegladarki internetowe ] ***** -\\ Internet Explorer v10.0.9200.16720 Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs] - hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId=426E1867B034DFFD&affID=119357&tsp=5020 -\\ Mozilla Firefox v [ Plik : C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\a6wuznt8.default\prefs.js ] Wpis znaleziony : user_pref("extensions.crossrider.bic", "1419dc8441dd2ad9b7bd091b81a58d1c"); Wpis znaleziony : user_pref("extensions.kango.storage.m2_k1", "0"); Wpis znaleziony : user_pref("extensions.kango.storage.m2_k2", "0"); Wpis znaleziony : user_pref("extensions.kango.storage.m2_k3", "0"); Wpis znaleziony : user_pref("extensions.kango.storage.m2_k4", "1381475658659"); Wpis znaleziony : user_pref("extensions.kango.storage.m2_k5", "1381333605559"); Wpis znaleziony : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"AppsHat\",\"description\":\"AppsHat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%affi[...] Wpis znaleziony : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...] Wpis znaleziony : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...] -\\ Google Chrome v30.0.1599.101 [ Plik : C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [8952 octets] - [02/10/2013 16:12:24] AdwCleaner[S0].txt - [2673 octets] - [02/10/2013 16:13:01] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9072 octets] ##########