# AdwCleaner v5.028 - Utworzono raport 06/01/2016 o 18:27:16
# Ostatnia aktualizacja 04/01/2016 przez Xplode
# Baza danych : 2016-01-04.2 [Serwer]
# System operacyjny : Windows 7 Home Premium Service Pack 1 (x64)
# Nazwa użytkownika : euro - EURO-KOMPUTER
# Lokalizacja programu : C:\Users\euro\Desktop\adwcleaner_5.028.exe
# Działanie : Skanuj
# Wsparcie : http://toolslib.net/forum

***** [ Usługi ] *****

Usługa znaleziono : QtypeSvc
Usługa znaleziono : WindowsMangerProtect
Usługa znaleziono : mylynegezbt

***** [ Foldery ] *****

Folder znaleziono : C:\Program Files (x86)\GreenTree Applications
Folder znaleziono : C:\Program Files (x86)\QType
Folder znaleziono : C:\Program Files (x86)\Innovative Solutions
Folder znaleziono : C:\Program Files (x86)\GUPlayer
Folder znaleziono : C:\Program Files (x86)\23BDBE80-1451552637-11B2-8000-DCDD57A80D72
Folder znaleziono : C:\Program Files (x86)\gmsd_pl_005010192
Folder znaleziono : C:\Program Files (x86)\gmsd_pl_005010199
Folder znaleziono : C:\Program Files (x86)\gmsd_pl_005010192
Folder znaleziono : C:\Program Files (x86)\gmsd_pl_005010199
Folder znaleziono : C:\ProgramData\ytd video downloader
Folder znaleziono : C:\ProgramData\Tmp0x0x
Folder znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder znaleziono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder znaleziono : C:\Users\euro\AppData\Local\gmsd_pl_005010192
Folder znaleziono : C:\Users\euro\AppData\Local\gmsd_pl_005010199
Folder znaleziono : C:\Users\euro\AppData\Local\gmsd_pl_005010192
Folder znaleziono : C:\Users\euro\AppData\Local\gmsd_pl_005010199
Folder znaleziono : C:\Users\euro\AppData\Local\23BDBE80-1451556353-11B2-8000-DCDD57A80D72
Folder znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Folder znaleziono : C:\Users\euro\AppData\Roaming\Systweak
Folder znaleziono : C:\Users\euro\AppData\Roaming\VOPackage
Folder znaleziono : C:\Users\euro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder znaleziono : C:\Users\euro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QType
Folder znaleziono : C:\Users\euro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer

***** [ Pliki ] *****

Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.xpgamesaves.com_0.localstorage-journal
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_downspeedtest.dl.myway.com_0.localstorage
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_downspeedtest.dl.myway.com_0.localstorage-journal
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_downspeedtest.dl.tb.ask.com_0.localstorage
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_downspeedtest.dl.tb.ask.com_0.localstorage-journal
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hp.myway.com_0.localstorage
Plik znaleziono : C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hp.myway.com_0.localstorage-journal
Plik znaleziono : C:\Users\euro\Desktop\GUPlayer.lnk
Plik znaleziono : C:\Windows\SysNative\roboot64.exe

***** [ DLL ] *****


***** [ Skróty ] *****

Skrót Zainfekowany : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=1451553951&z=b2b6c0369c6800f18f8aa8fg2zdw6g3w7wccdtaw2e&from=face&uid=TOSHIBAXMK5065GSX_114HC2Q8TXX114HC2Q8T )

***** [ Zaplanowane zadania ] *****


***** [ Rejestr ] *****

Klucz znaleziono : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klucz znaleziono : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klucz znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_pl_005010192]
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_pl_005010199]
Klucz znaleziono : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klucz znaleziono : HKCU\Software\InstallCore
Klucz znaleziono : HKCU\Software\Tutorials
Klucz znaleziono : HKCU\Software\TutoTag
Klucz znaleziono : HKCU\Software\VIS
Klucz znaleziono : HKCU\Software\GAMESDESKTOP
Klucz znaleziono : HKCU\Software\Microsoft\Tinstalls
Klucz znaleziono : HKCU\Software\dobreprogramy
Klucz znaleziono : HKLM\SOFTWARE\Tutorials
Klucz znaleziono : HKLM\SOFTWARE\VIS
Klucz znaleziono : HKLM\SOFTWARE\GAMESDESKTOP
Klucz znaleziono : HKLM\SOFTWARE\yoursearchingSoftware
Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GUPlayer
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_pl_005010192_is1
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_pl_005010199_is1
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_pl_005010192_is1
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_pl_005010199_is1
Dane wartości znaleziono : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.yoursearching.com/?type=sc&ts=1451553951&z=b2b6c0369c6800f18f8aa8fg2zdw6g3w7wccdtaw2e&from=face&uid=TOSHIBAXMK5065GSX_114HC2Q8TXX114HC2Q8T
Dane wartości znaleziono : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.yoursearching.com/?type=sc&ts=1451553951&z=b2b6c0369c6800f18f8aa8fg2zdw6g3w7wccdtaw2e&from=face&uid=TOSHIBAXMK5065GSX_114HC2Q8TXX114HC2Q8T

***** [ Przeglądarki internetowe ] *****

[C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] znaleziono : hxxp://yoursearching.com/wefavicon.ico
[C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] znaleziono : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] znaleziono : fcfenmboojpjinhpgggodefccipikbpd
[C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] znaleziono : oiokahphinmbmakkehgelkmpolmnbkdh
[C:\Users\euro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] znaleziono : hxxp://www.yoursearching.com/?type=hp&ts=1451553951&z=b2b6c0369c6800f18f8aa8fg2zdw6g3w7wccdtaw2e&from=face&uid=TOSHIBAXMK5065GSX_114HC2Q8TXX114HC2Q8T

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [8264 bajty] ##########