# AdwCleaner v4.112 - Logfile created 14/03/2015 at 13:46:10
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Czarny - CZARNY-PC
# Running from : C:\Users\Czarny\Downloads\adwcleaner_4.112.exe
# Option : Scan

***** [ Services ] *****

Service Found : {00aec75d-051f-41a9-9837-e94ac4f56303}Gw64
Service Found : {02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw64
Service Found : {1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw64
Service Found : {21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw64
Service Found : {32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw64
Service Found : {336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw64
Service Found : {3b808196-ff63-49ee-b33b-efdf51723eca}Gw64
Service Found : {3fa44d1f-c300-4673-a8c1-5ba05468b4bd}Gw64
Service Found : {4096aedf-3f28-4c8e-aebe-00255138fa8a}Gw64
Service Found : {5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw64
Service Found : {84e24724-32a5-4ef8-b981-cc669543b4a4}Gw64
Service Found : {949aba83-1d7f-4d0b-b0ba-203450825231}Gw64
Service Found : {94c4b27a-8cb1-4214-9d76-87c59a8cf657}Gw64
Service Found : {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64
Service Found : {c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64
Service Found : {e9629596-2cbd-4eea-9329-7470e8b0fdae}Gw64
Service Found : {fce396ae-d8d1-4789-946e-2106fbe4292b}Gw64
Service Found : {fd600559-a688-4110-b9b9-0f1a9beae8ae}Gw64

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
File Found : C:\Users\Czarny\AppData\Roaming\LiveSupport.exe_log.txt
File Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}.xpi
File Found : C:\Users\Czarny\AppData\Roaming\regsvr32.exe_log.txt
File Found : C:\Windows\System32\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}Gw64.sys
File Found : C:\Windows\System32\drivers\{02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw64.sys
File Found : C:\Windows\System32\drivers\{1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw64.sys
File Found : C:\Windows\System32\drivers\{21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw64.sys
File Found : C:\Windows\System32\drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw64.sys
File Found : C:\Windows\System32\drivers\{336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw64.sys
File Found : C:\Windows\System32\drivers\{3b808196-ff63-49ee-b33b-efdf51723eca}Gw64.sys
File Found : C:\Windows\System32\drivers\{3fa44d1f-c300-4673-a8c1-5ba05468b4bd}Gw64.sys
File Found : C:\Windows\System32\drivers\{4096aedf-3f28-4c8e-aebe-00255138fa8a}Gw64.sys
File Found : C:\Windows\System32\drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw64.sys
File Found : C:\Windows\System32\drivers\{84e24724-32a5-4ef8-b981-cc669543b4a4}Gw64.sys
File Found : C:\Windows\System32\drivers\{949aba83-1d7f-4d0b-b0ba-203450825231}Gw64.sys
File Found : C:\Windows\System32\drivers\{94c4b27a-8cb1-4214-9d76-87c59a8cf657}Gw64.sys
File Found : C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys
File Found : C:\Windows\System32\drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64.sys
File Found : C:\Windows\System32\drivers\{e9629596-2cbd-4eea-9329-7470e8b0fdae}Gw64.sys
File Found : C:\Windows\System32\drivers\{fce396ae-d8d1-4789-946e-2106fbe4292b}Gw64.sys
File Found : C:\Windows\System32\drivers\{fd600559-a688-4110-b9b9-0f1a9beae8ae}Gw64.sys
Folder Found : C:\Program Files (x86)\AdvanceElite
Folder Found : C:\Program Files (x86)\BuyNsave
Folder Found : C:\Program Files (x86)\BuyNsave
Folder Found : C:\Program Files (x86)\CheapiMe
Folder Found : C:\Program Files (x86)\CheaPMe
Folder Found : C:\Program Files (x86)\Happyi2SaVe
Folder Found : C:\Program Files (x86)\JJOniCoupon
Folder Found : C:\Program Files (x86)\MinnimUmPriice
Folder Found : C:\Program Files (x86)\ReGularrDealis
Folder Found : C:\Program Files (x86)\RoeguluaRDeaLs
Folder Found : C:\Program Files (x86)\SavoeraExTEnsion
Folder Found : C:\Program Files (x86)\ShOppDraoop
Folder Found : C:\Program Files (x86)\Smart Saver
Folder Found : C:\Program Files (x86)\YoutubeAdBlocke
Folder Found : C:\ProgramData\ae9e7b0780ecf0c8
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\baidu
Folder Found : C:\ProgramData\DeoaLEXpruess
Folder Found : C:\ProgramData\FindBeestDeAlu
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Found : C:\ProgramData\mjeanpkegnpfpcdngfofiiheehonoilp
Folder Found : C:\ProgramData\mjeanpkegnpfpcdngfofiiheehonoilp
Folder Found : C:\ProgramData\ndoeffipmkffjipijjhknoneefhlkopn
Folder Found : C:\ProgramData\ndoeffipmkffjipijjhknoneefhlkopn
Folder Found : C:\ProgramData\nmadlddbkdehcaahlfiaomjfnppicbkn
Folder Found : C:\ProgramData\nmadlddbkdehcaahlfiaomjfnppicbkn
Folder Found : C:\Users\Czarny\AppData\Roaming\EZDownloader
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\38KJ@L4.edu
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\5HU@k.org
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\7BM@hG5Pf1rL.edu
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\cQx@J5.org
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\Ei@x.com
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\EsQO6@ds5.com
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\fpeerkhdvbzzkiktfc@yagkaizzsr_zicy.com
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\KmjKNA@2Fy3.org
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\s4X2@P.net
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\waP@Vfz.net
Folder Found : C:\Users\Czarny\AppData\Roaming\Mozilla\Firefox\Profiles\at8aikv2.default\Extensions\z@IvNBAsER.com
Folder Found : C:\Users\Czarny\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Czarny\AppData\Roaming\RHEng
Folder Found : C:\Users\Czarny\AppData\Roaming\SkypEmoticons

***** [ Scheduled tasks ] *****

Task Found : StormFall TW1
Task Found : StormFall TW2
Task Found : StormFall W2
Task Found : StormFall W1

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\LiveSupport
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\LiveSupport
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8ea83ba5-d476-4baa-b08e-4042766a8494}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\P8ea83ba5_d476_4baa_b08e_4042766a8494_.P8ea83ba5_d476_4baa_b08e_4042766a8494_
Key Found : HKLM\SOFTWARE\Classes\P8ea83ba5_d476_4baa_b08e_4042766a8494_.P8ea83ba5_d476_4baa_b08e_4042766a8494_.9
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ea83ba5-d476-4baa-b08e-4042766a8494}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8ea83ba5-d476-4baa-b08e-4042766a8494}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5965d732}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{8ea83ba5-d476-4baa-b08e-4042766a8494}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ea83ba5-d476-4baa-b08e-4042766a8494}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hp&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1417946406&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M197395973959&q={searchTerms}

-\\ Mozilla Firefox v35.0.1 (x86 pl)

[at8aikv2.default] - Line Found : user_pref("browser.search.selectedEngine", "mystartsearch");
[at8aikv2.default] - Line Found : user_pref("extensions.1FTIInrlCQrOeism.url", "hxxp://sweetdiaryset.info/sync2/?q=hfZ9oeZJh7YMCyVUojw6qjUMg708BNmGWj8njchGheDUojw8rdsFpja5rHgGpihIC7n0rjkErTsFrjkGqjw8tNhVCT94tMVKhd9FqTk8rHa9qdr9qjr4qdg[...]

-\\ Opera v24.0.1558.64


-\\ Chrome Canary v41.0.2241.0

[C:\Users\Czarny\AppData\Local\Google\Chrome SxS\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.softonic.pl/s/{searchTerms}
*************************

AdwCleaner[R0].txt - [4700 bytes] - [04/10/2014 20:11:27]
AdwCleaner[R1].txt - [12168 bytes] - [14/03/2015 13:46:10]
AdwCleaner[S0].txt - [4229 bytes] - [04/10/2014 20:12:27]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [12287 bytes] ##########