# AdwCleaner v3.023 - Log utworzony 22/04/2014 o 14:06:04 # Aktualizacja 01/04/2014 przez Xplode # System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits) # Użytkownik : awk - AWK-KOMPUTER # Ścieżka : F:\Konserwacja 09.2014\Usuwanie trojanów 2014\AdwCleaner 2.306 F_X_8\AdwCleaner 04.2014.exe # Opcja : Szukaj ***** [ Usługi ] ***** Usługa Znaleziono : Update FindRight Usługa Znaleziono : Wpm ***** [ Pliki / Foldery ] ***** Folder Znaleziono : C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\Extensions\quick_start@gmail.com Folder Znaleziono : C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\Extensions\sitefinder@sitefinder.com Folder Znaleziono C:\Program Files (x86)\FindRight Folder Znaleziono C:\Program Files (x86)\fst_pl_96 Folder Znaleziono C:\Program Files (x86)\SimilarSites Folder Znaleziono C:\ProgramData\WPM Folder Znaleziono C:\Users\awk\AppData\Local\Freesofttoday Folder Znaleziono C:\Users\awk\AppData\Local\fst_pl_96 Folder Znaleziono C:\Users\awk\AppData\Local\iac Folder Znaleziono C:\Users\awk\AppData\Local\lollipop Folder Znaleziono C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\Allin1Convert_8h Folder Znaleziono C:\Users\awk\AppData\Roaming\SimilarSites Plik Znaleziono : C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\searchplugins\ask-web-search.xml Plik Znaleziono : C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\user.js ***** [ Skróty ] ***** ***** [ Rejestr ] ***** Dane Znaleziono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1393951948&from=cor&uid=HitachiXHTS545050A7E380_TE85313R0D420K0D420KX Klucz Znaleziono : HKCU\Software\InstallCore Klucz Znaleziono : HKCU\Software\lollipop Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C774641-5504-46A8-B63F-6715AE3FE376} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D} Klucz Znaleziono : HKCU\Software\Softonic Klucz Znaleziono : HKCU\Software\Tutorials Klucz Znaleziono : HKCU\Software\TutoTag Klucz Znaleziono : [x64] HKCU\Software\InstallCore Klucz Znaleziono : [x64] HKCU\Software\lollipop Klucz Znaleziono : [x64] HKCU\Software\Softonic Klucz Znaleziono : [x64] HKCU\Software\Tutorials Klucz Znaleziono : [x64] HKCU\Software\TutoTag Klucz Znaleziono : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector Klucz Znaleziono : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1 Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745} Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124} Klucz Znaleziono : HKLM\Software\free_soft_to_day Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fst_pl_96_is1 Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm Klucz Znaleziono : HKLM\Software\supWPM Klucz Znaleziono : HKLM\Software\sweet-pageSoftware Klucz Znaleziono : HKLM\Software\Tutorials Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Wartość Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Allin1Convert_8h Browser Plugin Loader 64] Wartość Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_pl_96] Wartość Znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com] ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v8.0.7601.17514 Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1393951948&from=cor&uid=HitachiXHTS545050A7E380_TE85313R0D420K0D420KX&q={searchTerms} Ustawienie Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1393951948&from=cor&uid=HitachiXHTS545050A7E380_TE85313R0D420K0D420KX&q={searchTerms} Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1393951948&from=cor&uid=HitachiXHTS545050A7E380_TE85313R0D420K0D420KX&q={searchTerms} Ustawienie Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1393951948&from=cor&uid=HitachiXHTS545050A7E380_TE85313R0D420K0D420KX&q={searchTerms} -\\ Mozilla Firefox v [ Plik : C:\Users\awk\AppData\Roaming\Mozilla\Firefox\Profiles\eomo5ky1.default\prefs.js ] Wpis znaleziony : user_pref("browser.search.defaultenginename", "Ask Web Search"); Wpis znaleziony : user_pref("extensions.mywebsearch.prevKwdEnabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE", "[{\"b\":221360012,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221360013,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...] Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.prev", "sweet-page"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.savedPrev", "true"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.tb", "Ask Web Search"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.prev", "sweet-page"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.savedPrev", "true"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.tb", "Ask Web Search"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.prev", "hxxp://www.gazeta.pl/0,0.html?p=128"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev", "true"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=9C95B86C-085E-456C-B9FC-2F37172DBCE8&n=780baa56&p2=^AYY^xdm067^YYA^pl&si=flvru[...] Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.prev", 3); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev", 1); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb", 1); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.firstKnownVersion", "5.79.3.25578"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=9C95B86C-085E-456C-B9FC-2F37172DBCE8&n=780baa56&p2=^AYY^xdm067^YYA^pl&si=flvrunner"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.enabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.lastGuardTime", -1553744679); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.numGuards", 1); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.initialized", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installKeysSource", "File"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.contextKey", ""); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.installDate", "2014030422"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerId", "^AYY^xdm067^YYA^pl"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId", "flvrunner"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.success", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.toolbarId", "9C95B86C-085E-456C-B9FC-2F37172DBCE8"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1397817796546"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.lastKnownVersion", "6.20.3.33717"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.options.defaultSearch", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.options.tabEnabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed", false); Wpis znaleziony : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark.hp.enabled", true); Wpis znaleziony : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "allin1convert@mindspark.com"); Wpis znaleziony : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com"); -\\ Google Chrome v34.0.1847.116 [ Plik : C:\Users\awk\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10081 octets] - [22/04/2014 14:06:04] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10142 octets] ##########