======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\AD-REMOVER\main.exe (SCAN [1]) -> Launched at 20:17:53 on 31/08/2011, Normal boot Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) PC@MACIEK1998 ( ) ============== SEARCH ============== Folder found: C:\Program Files\Windows Searchqu Toolbar Folder found: C:\Program Files\AutocompletePro Key found: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} Key found: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Key found: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020} Key found: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} Key found: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} Key found: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} Key found: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key found: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key found: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key found: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870E} Key found: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E} Key found: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D} Key found: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key found: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Key found: HKLM\Software\Classes\BandooCore.BandooCore Key found: HKLM\Software\Classes\BandooCore.BandooCore.1 Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr Key found: HKLM\Software\Classes\BandooCore.ResourcesMngr.1 Key found: HKLM\Software\Classes\BandooCore.SettingsMngr Key found: HKLM\Software\Classes\BandooCore.SettingsMngr.1 Key found: HKLM\Software\Classes\BandooCore.StatisticMngr Key found: HKLM\Software\Classes\BandooCore.StatisticMngr.1 Key found: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery Key found: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1 Key found: HKLM\Software\Classes\AppID\BandooCore.EXE Key found: HKLM\Software\bandoo Key found: HKLM\Software\DataMngr Key found: HKLM\Software\MyGlobalSearch Key found: HKLM\Software\PopCap Key found: HKCU\Software\DataMngr Key found: HKCU\Software\SearchquMediabarTb Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Bandoo Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\RelevantKnowledge Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DA6C1-189F-421A-88CD-07CFE51CFF10} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Value found: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== **** Internet Explorer Version [8.0.6001.18702] **** HKLM_Main|Default_Page_URL - hxxp://www.gazeta.pl/0,0.html?p=108 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{A3BC75A2-1F87-4686-AA43-5347D756017C} - "AVG Security Toolbar BHO" (C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll) HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4) HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627) HKCU_SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Web Search" (hxxp://search.autocompletepro.com/?si=7148&bi=400&q={searchTerms}) HKLM_SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}) HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll) HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x) HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll) HKLM_ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} - C:\Program Files\Bandoo\BndCore.exe (x) HKLM_ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} - C:\Program Files\Bandoo\ExtensionsManager.exe (x) HKLM_ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} - C:\Program Files\Bandoo\Bandoo.exe (x) HKLM_ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe (?) HKLM_ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} - C:\Program Files\Bandoo\BandooUI.exe (x) HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "Create Mobile Favorite" (C:\PROGRA~1\MICROS~4\INetRepl.dll,210) HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{A3BC75A2-1F87-4686-AA43-5347D756017C} - "AVG Security Toolbar BHO" (C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll) BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - "IEPluginBHO Class" (C:\Documents and Settings\PC.AMA_PC\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll) ======================================== C:\Program Files\AD-REMOVER\Quarantine: 0 File(s) C:\Program Files\AD-REMOVER\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 31/08/2011 20:18:57 (531 Byte(s)) End at: 20:19:31, 31/08/2011 ============== E.O.F ==============