# AdwCleaner v5.023 - Utworzono raport 05/12/2015 o 14:39:25
# Ostatnia aktualizacja 30/11/2015 przez Xplode
# Baza danych : 2015-12-03.1 [Serwer]
# System operacyjny : Windows 8.1  (x64)
# Nazwa użytkownika : Natalia - NATALKA
# Lokalizacja programu : C:\Users\Natalia\Desktop\adwcleaner_5.023.exe
# Działanie : Skanuj
# Wsparcie : http://toolslib.net/forum

***** [ Usługi ] *****

Usługa znaleziono : tcfd_vw_1_10_0_24
Usługa znaleziono : wafd_1_10_0_19
Usługa znaleziono : Update Solution Real
Usługa znaleziono : Util Solution Real

***** [ Foldery ] *****

Folder znaleziono : C:\Program Files (x86)\predm
Folder znaleziono : C:\Program Files (x86)\Solution Real
Folder znaleziono : C:\Program Files (x86)\Solution Real
Folder znaleziono : C:\ProgramData\IePluginService
Folder znaleziono : C:\ProgramData\WPM
Folder znaleziono : C:\Users\Natalia\AppData\Local\StormFall
Folder znaleziono : C:\Users\Natalia\AppData\Roaming\eCyber
Folder znaleziono : C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\Extensions\sweetsearch@gmail.com
Folder znaleziono : C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\Extensions\defsearchp@gmail.com

***** [ Pliki ] *****

Plik znaleziono : C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\searchplugins\istartsurf.xml
Plik znaleziono : C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\searchplugins\mystartsearch.xml
Plik znaleziono : C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\searchplugins\sweet-page.xml

***** [ DLL ] *****


***** [ Skróty ] *****

Skrót Zainfekowany : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\The Witcher 2 - Assassins of Kings\Play The Witcher 2 - Assassins of Kings.lnk ( hxxp://www.mystartsearch.com/?type=sc&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362 )
Skrót Zainfekowany : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362 )
Skrót Zainfekowany : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cdp.pl\Wiedźmin Edycja Rozszerzona\Wiedźmin Edycja Rozszerzona.lnk ( hxxp://www.mystartsearch.com/?type=sc&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362 )
Skrót Zainfekowany : C:\Users\Natalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362 )
Skrót Zainfekowany : C:\Users\Natalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.mystartsearch.com/?type=sc&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362 )

***** [ Zaplanowane zadania ] *****

Zadanie znaleziono : bench-sys
Zadanie znaleziono : bench-Updater removing
Zadanie znaleziono : bench-sys
Zadanie znaleziono : bench-Updater removing
Zadanie znaleziono : bench-sys

***** [ Rejestr ] *****

Klucz znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Klucz znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Klucz znaleziono : HKCU\Software\Mozilla\Extends
Klucz znaleziono : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Solution Real
Klucz znaleziono : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Solution Real
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_pl_89]
Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Wartość znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{7A38E53C-E000-41E4-9B5A-47447DB81C2B}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Klucz znaleziono : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{1D2E52D0-C2AE-493E-BA52-2425A042D491}
Klucz znaleziono : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{067740F7-08E9-47C4-968D-5608B2014D50}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{9D99FA76-F233-472A-BE64-216CB861ABBE}
Klucz znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A38E53C-E000-41E4-9B5A-47447DB81C2B}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}
Klucz znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}]
Wartość znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{1D2E52D0-C2AE-493E-BA52-2425A042D491}
Klucz znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klucz znaleziono : HKCU\Software\Headlight
Klucz znaleziono : HKCU\Software\InstallCore
Klucz znaleziono : HKCU\Software\Softonic
Klucz znaleziono : HKCU\Software\TutoTag
Klucz znaleziono : HKCU\Software\PRODUCTSETUP
Klucz znaleziono : HKCU\Software\Mozilla\Extends
Klucz znaleziono : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz znaleziono : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz znaleziono : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klucz znaleziono : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Klucz znaleziono : HKLM\SOFTWARE\AdvertisingSupport
Klucz znaleziono : HKLM\SOFTWARE\Bench
Klucz znaleziono : HKLM\SOFTWARE\Discount Dragon
Klucz znaleziono : HKLM\SOFTWARE\do-searchSoftware
Klucz znaleziono : HKLM\SOFTWARE\free_soft_to_day
Klucz znaleziono : HKLM\SOFTWARE\IePlugin
Klucz znaleziono : HKLM\SOFTWARE\istartsurfSoftware
Klucz znaleziono : HKLM\SOFTWARE\qone8Software
Klucz znaleziono : HKLM\SOFTWARE\sweet-pageSoftware
Klucz znaleziono : HKLM\SOFTWARE\Tutorials
Klucz znaleziono : HKLM\SOFTWARE\Wpm
Klucz znaleziono : HKLM\SOFTWARE\mystartsearchSoftware
Klucz znaleziono : HKLM\SOFTWARE\FFPluginHp
Klucz znaleziono : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz znaleziono : HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Klucz znaleziono : HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://do-search.com/web/?type=ds&ts=1429100351&from=cor&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362&q={searchTerms}
Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://do-search.com/web/?type=ds&ts=1429100351&from=cor&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362&q={searchTerms}
Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Dane wartości znaleziono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hppp&ts=1436004170&z=26e8c3fba88e796efb33bc5g9z7c0qee1e1zbg1q5b&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362
Klucz znaleziono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Klucz znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dane wartości znaleziono : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suptab\search~1.dll
Dane wartości znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL 

***** [ Przeglądarki internetowe ] *****

[C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.defaultenginename", "mystartsearch");
[C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\prefs.js] [Preference] znaleziono : user_pref("browser.search.selectedEngine", "mystartsearch");
[C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\11qa77vw.default\prefs.js] [Preference] znaleziono : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=1443865678&z=4372d6f78e54e349a3111b4g8z2zbc5beqdw4z4mcz&from=cornl&uid=WDCXWD15EVDS-63V9B1_WD-WMAVU427336273362");

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [11741 bajty] ##########