# AdwCleaner v4.105 - Log utworzony 13/12/2014 o 16:36:35 # Aktualizacja 08/12/2014 przez Xplode # Database : 2014-12-13.4 [Live] # System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits) # Użytkownik : Rafal - RAFAL-W # Ścieżka : C:\Users\Rafal\Downloads\adwcleaner_4.105_www.INSTALKI.pl.exe # Opcja : Szukaj ***** [ Usługi ] ***** ***** [ Pliki / Foldery ] ***** Folder Znaleziono : C:\Program Files (x86)\globalUpdate Folder Znaleziono : C:\Program Files (x86)\LuckyTab Folder Znaleziono : C:\Program Files (x86)\NewPlayer Folder Znaleziono : C:\Program Files (x86)\NewPlayer Folder Znaleziono : C:\Program Files (x86)\YourFileDownloaderUpdater Folder Znaleziono : C:\ProgramData\544020358666808469 Folder Znaleziono : C:\ProgramData\Media Get LLC Folder Znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer Folder Znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer Folder Znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 Folder Znaleziono : C:\ProgramData\WindowsMangerProtect Folder Znaleziono : C:\Users\Rafal\AppData\Local\ContextFree Folder Znaleziono : C:\Users\Rafal\AppData\Local\genienext Folder Znaleziono : C:\Users\Rafal\AppData\Local\globalUpdate Folder Znaleziono : C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm Folder Znaleziono : C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah Folder Znaleziono : C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn Folder Znaleziono : C:\Users\Rafal\AppData\Local\MediaGet2 Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\DownloadManager Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\newnext.me Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\Nosibay Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\Speedial Folder Znaleziono : C:\Users\Rafal\AppData\Roaming\Uniblue Folder Znaleziono : C:\Users\Rafal\Documents\DownVision Folder Znaleziono : C:\Users\Rafal\Documents\Optimizer Pro Folder Znaleziono : C:\Users\wangzhisong\AppData\Local\Mobogenie Plik Znaleziono : C:\END Plik Znaleziono : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml Plik Znaleziono : C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx Plik Znaleziono : C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\8xsppymq.default-1405266107145\searchplugins\trovi-search.xml Plik Znaleziono : C:\Users\Rafal\AppData\Roaming\WindApp.boostrap.log Plik Znaleziono : C:\Users\Rafal\daemonprocess.txt ***** [ Zadania ] ***** Zadanie Znaleziono : Optimizer Pro Schedule Zadanie Znaleziono : Speedial Zadanie Znaleziono : Update Service YourFileDownloader Zadanie Znaleziono : LuckyTab ***** [ Skróty ] ***** ***** [ Rejestr ] ***** Dane Znaleziono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567 Klucz Znaleziono : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Klucz Znaleziono : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Klucz Znaleziono : HKCU\Software\AppDataLow\Software\Crossrider Klucz Znaleziono : HKCU\Software\ContextFree Klucz Znaleziono : HKCU\Software\Driver Pro Klucz Znaleziono : HKCU\Software\dt soft\daemon tools toolbar Klucz Znaleziono : HKCU\Software\GlobalUpdate Klucz Znaleziono : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Klucz Znaleziono : HKCU\Software\InstallCore Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com Klucz Znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Klucz Znaleziono : HKCU\Software\Mozilla\Extends Klucz Znaleziono : HKCU\Software\Nosibay Klucz Znaleziono : HKCU\Software\Optimizer Pro Klucz Znaleziono : HKCU\Software\Softonic Klucz Znaleziono : HKCU\Software\Speedial Klucz Znaleziono : HKCU\Software\Store Klucz Znaleziono : HKCU\Software\TutoTag Klucz Znaleziono : [x64] HKCU\Software\ContextFree Klucz Znaleziono : [x64] HKCU\Software\Driver Pro Klucz Znaleziono : [x64] HKCU\Software\dt soft\daemon tools toolbar Klucz Znaleziono : [x64] HKCU\Software\GlobalUpdate Klucz Znaleziono : [x64] HKCU\Software\InstallCore Klucz Znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Klucz Znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Klucz Znaleziono : [x64] HKCU\Software\Nosibay Klucz Znaleziono : [x64] HKCU\Software\Optimizer Pro Klucz Znaleziono : [x64] HKCU\Software\Softonic Klucz Znaleziono : [x64] HKCU\Software\Speedial Klucz Znaleziono : [x64] HKCU\Software\Store Klucz Znaleziono : [x64] HKCU\Software\TutoTag Klucz Znaleziono : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Klucz Znaleziono : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Klucz Znaleziono : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Klucz Znaleziono : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Klucz Znaleziono : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Klucz Znaleziono : HKLM\SOFTWARE\GoforFiles Klucz Znaleziono : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Klucz Znaleziono : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma Klucz Znaleziono : HKLM\SOFTWARE\InstallCore Klucz Znaleziono : HKLM\SOFTWARE\LuckyTab Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US Toolbar Klucz Znaleziono : HKLM\SOFTWARE\NewPlayer Klucz Znaleziono : HKLM\SOFTWARE\Tutorials Klucz Znaleziono : HKLM\SOFTWARE\webssearchesSoftware Klucz Znaleziono : HKLM\SOFTWARE\YourFileDownloader Klucz Znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Wartość Znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com] ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v11.0.9600.17496 Ustawienie Znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.flyandsearch.info/?unqvl=59&idate=2014/08/15 Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567&q={searchTerms} Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567 Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.flyandsearch.info/?unqvl=59&idate=2014/08/15 Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567&q={searchTerms} Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567&q={searchTerms} Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567 Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567 Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1405261940&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WX30E99H1567H1567&q={searchTerms} -\\ Mozilla Firefox v33.1.1 (x86 pl) [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.1zO6RnEWInBeiJzV.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.26tvfqgYEogHOXDr.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.9bEXOIn8VyAVWFTX.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.FaREV5Hh2gOSLYTF.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.NxGzrhpZYDI3CrAA.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.VRjqxdMZFyrYENM4.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.crossrider.bic", "1478beca2ee701a53fea932eb171bf70"); [8xsppymq.default-1405266107145] - Wpis znaleziony : user_pref("extensions.h0EFJoLgCSj3Ixpy.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...] -\\ Google Chrome v39.0.2171.65 [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325580&octid=EB_ORIGINAL_CTID&ISID=MC2FF06B1-E2CA-491B-AE66-7A326D4BF7D3&SearchSource=58&CUI=&UM=2&UP=SP56F9FE0D-B7E6-4E80-BF25-645DC58EDA18&q={searchTerms}&SSPV= [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325580&octid=EB_ORIGINAL_CTID&ISID=MC2FF06B1-E2CA-491B-AE66-7A326D4BF7D3&SearchSource=58&CUI=&UM=2&UP=SP56F9FE0D-B7E6-4E80-BF25-645DC58EDA18&q={searchTerms}&SSPV= [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Extension] : bakijjialdiiboeaknfpmflphhmljfkd [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Extension] : dajedkncpodkggklbegccjpmnglmnflm [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Extension] : eonffnnfmbfnmjpaiigdclmfelolemah [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Extension] : lomkpheldlbkkfiifcbfifipaofnmnkn [C:\Users\Rafal\AppData\Local\Google\Chrome\User Data\Default\preferences] - Znaleziono [Homepage] : hxxp://websearch.flyandsearch.info/?unqvl=59&idate=2014/08/15 ************************* AdwCleaner[R1].txt - [13501 octets] - [13/12/2014 12:35:57] AdwCleaner[R2].txt - [13563 octets] - [13/12/2014 16:36:35] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [13624 octets] ##########