# AdwCleaner v5.008 - Utworzono raport 22/09/2015 o 09:56:18 # Ostatnia aktualizacja 18/09/2015 przez Xplode # Baza danych : 2015-09-20.1 [Serwer] # System operacyjny : Windows 7 Professional Service Pack 1 (x64) # Nazwa użytkownika : admin - SEKRETARIATDELL # Lokalizacja programu : C:\Users\admin\Downloads\adwcleaner_5.008.exe # Działanie : Skanuj # Wsparcie : http://toolslib.net/forum ***** [ Usługi ] ***** ***** [ Foldery ] ***** Folder znaleziono : C:\Program Files (x86)\WinZipper Folder znaleziono : C:\ProgramData\WindowsMangerProtect Folder znaleziono : C:\ProgramData\MailUpdate Folder znaleziono : C:\ProgramData\IHProtectUpDate Folder znaleziono : C:\Users\admin\AppData\Local\Temp\apn Folder znaleziono : C:\Users\admin\AppData\Local\Temp\Clock Hand Folder znaleziono : C:\Users\admin\AppData\Roaming\MailUpdate Folder znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\Extensions\fftoolbar2014@etech.com Folder znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\Extensions\searchengine@gmail.com Folder znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\Extensions\default_newtabff@gmail.com ***** [ Pliki ] ***** Plik znaleziono : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage Plik znaleziono : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage-journal Plik znaleziono : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.v9.com_0.localstorage Plik znaleziono : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.v9.com_0.localstorage-journal Plik znaleziono : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url Plik znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\Extensions\defsearchp@gmail.com.xpi Plik znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\searchplugins\delta-homes.xml Plik znaleziono : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\searchplugins\key-find.xml Plik znaleziono : C:\Windows\Sysnative\log\iSafeKrnlCall.log Plik znaleziono : C:\Windows\Sysnative\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gw64.sys ***** [ Skróty ] ***** ***** [ Zaplanowane zadania ] ***** ***** [ Rejestr ] ***** Klucz znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Klucz znaleziono : HKCU\Software\Mozilla\Extends Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com] Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchengine@gmail.com] Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_searchff@gmail.com] Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com] Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5350-4500-76A7-7A786E7484D7} Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5350-4500-76A7-7A786E7484D7} Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1F91A9A1-01BA-4C81-863D-3BA0751E1419}] Wartość znaleziono : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5350-4500-76A7-7A786E7484D7}] Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Klucz znaleziono : HKU\.DEFAULT\Software\AskPartnerNetwork Klucz znaleziono : HKCU\Software\InstallCore Klucz znaleziono : HKCU\Software\V9 Klucz znaleziono : HKCU\Software\gameo Klucz znaleziono : HKCU\Software\PRODUCTSETUP Klucz znaleziono : HKLM\SOFTWARE\delta-homesSoftware Klucz znaleziono : HKLM\SOFTWARE\hdcode Klucz znaleziono : HKLM\SOFTWARE\SupDp Klucz znaleziono : HKLM\SOFTWARE\SupTab Klucz znaleziono : HKLM\SOFTWARE\supWindowsMangerProtect Klucz znaleziono : HKLM\SOFTWARE\V9 Klucz znaleziono : HKLM\SOFTWARE\IHProtect Klucz znaleziono : HKLM\SOFTWARE\FFPluginHp Klucz znaleziono : HKLM\SOFTWARE\PicexaSvc Klucz znaleziono : [x64] HKCU\Software\InstallCore Klucz znaleziono : [x64] HKCU\Software\V9 Klucz znaleziono : [x64] HKCU\Software\gameo Klucz znaleziono : [x64] HKCU\Software\PRODUCTSETUP Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.key-find.com/web/?type=dspp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.key-find.com/web/?type=dspp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.key-find.com/web/?type=ds&ts=1425545488&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.key-find.com/web/?type=ds&ts=1425545488&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.key-find.com/web/?type=ds&ts=1425545488&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.key-find.com/web/?type=ds&ts=1425545488&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.key-find.com/web/?type=dspp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Dane wartości znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.key-find.com/?type=hppp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006 Dane wartości znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.key-find.com/web/?type=dspp&ts=1425545516&from=cor&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7A9CA1BF-3B65-4953-901F-1BC8EAB0083E} Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Dane wartości znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7A9CA1BF-3B65-4953-901F-1BC8EAB0083E} Klucz znaleziono : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} Klucz znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Klucz znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Dane wartości znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Klucz znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7A9CA1BF-3B65-4953-901F-1BC8EAB0083E} Klucz znaleziono : HKU\S-1-5-21-1753952843-3757918047-2740733961-1002\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} ***** [ Przeglądarki internetowe ] ***** [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.defaultenginename", "delta-homes"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.alias", "delta-homes"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.iconURL", "hxxp://search.delta-homes.com/favicon.ico"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.name", "delta-homes"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.ptid", "wpm07163"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.uid", "WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.searchengine.url", "hxxp://search.delta-homes.com/web/?type=ds&ts=1437040653&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm07163&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9[...] [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.selectedEngine", "delta-homes"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("browser.startup.homepage", "hxxp://www.v9.com?type=hp&ts=1438073962&from=mych123&uid=wdcxwd5000aakx-75u6aa0_wd-wcc2exk9600696006&z=fcb88000cc3ad52b6c380d6g4zccbb8eemacft0q9g"); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("extensions.quick_start.enable_search1", false); [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\64ru4ejg.default\prefs.js] [Preference] znaleziono : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); [C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] znaleziono : hxxp://search.delta-homes.com/webfavicon.ico [C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] znaleziono : hxxp://search.delta-homes.com/web/?type=ds&ts=1437040653&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=wpm07163&uid=WDCXWD5000AAKX-75U6AA0_WD-WCC2EXK9600696006&q={searchTerms} [C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] znaleziono : hxxp://www.v9.com?type=hp&ts=1438073962&from=mych123&uid=wdcxwd5000aakx-75u6aa0_wd-wcc2exk9600696006&z=fcb88000cc3ad52b6c380d6g4zccbb8eemacft0q9g [C:\Users\Dyrekcja\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] znaleziono : hxxp://www.v9.com?type=hp&ts=1438073962&from=mych123&uid=wdcxwd5000aakx-75u6aa0_wd-wcc2exk9600696006&z=fcb88000cc3ad52b6c380d6g4zccbb8eemacft0q9g [C:\Users\Dyrekcja\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] znaleziono : hxxp://www.v9.com?type=hp&ts=1438073962&from=mych123&uid=wdcxwd5000aakx-75u6aa0_wd-wcc2exk9600696006&z=fcb88000cc3ad52b6c380d6g4zccbb8eemacft0q9g ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15187 bajty] ##########