======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 17:40:49 on 01/09/2011, Normal boot Microsoft Windows 7 Home Premium Service Pack 1 (X64) AwU@AWU (SAMSUNG ELECTRONICS CO., LTD. RC410/RC510/RC710) ============== SEARCH ============== Folder found: C:\Users\AwU\AppData\Local\Conduit Folder found: C:\Users\AwU\AppData\LocalLow\Conduit Folder found: C:\Program Files (x86)\Conduit Key found: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2790392 Key found: HKLM\Software\Conduit Key found: HKLM\Software\Trymedia Systems Key found: HKCU\Software\DataMngr Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ============== ADDITIONNAL SCAN ============== **** Google Chrome Version [13.0.782.218] **** Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?) Extension\mhfdcmehmjcclgopdodkjdicohagipid (C:\Users\AwU\AppData\Local\Temp\crx59C8.tmp) (x) Extension\mjdepfkicdcciagbigfcmdhknnoaaegf (C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx) (?) -- C:\Users\AwU\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (hxxp://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F) Preferences - homepage: hxxp://www.qooqlle.com/ Preferences - homepage_is_newtabpage: false Plugin - Chrome NaCl (Enabled: false) (C:\Users\AwU\AppData\Local\Google\Chrome\Application\13.0.782.218\ppGoogleNaClPluginChrome.dll) Plugin - WordCaptureX (Enabled: true) (C:\Users\AwU\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\npWCX.dll) Plugin - Bing Bar (Enabled: true) (C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll) Plugin - RealJukebox NS Plugin (Enabled: true) (C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Chrome NaCl" (Enabled: false) Plugin - "WordCaptureX" (Enabled: true) Plugin - "Bing Bar" (Enabled: true) Plugin - "RealJukebox NS Plugin" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) Plugin - "Nexon Game Controller" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://samsung.msn.com HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://samsung.msn.com HKCU_URLSearchHooks|{88c7f2aa-f93f-432c-8f0e-b7d85967a527} (x) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&q={searchTerms}) HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - " " (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{8DDBEC40-04EE-40E2-9AA5-AFE0025E0339} - C:\Program Files\Samsung AnyWeb Print\W2PServer.exe (?) HKLM_ElevationPolicy\{8F8B9874-CBDA-468E-87D1-E96A57B9222F} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\dtUser.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{C804A76B-FC71-47f6-B8B2-7D83C520864F} - C:\Program Files\Samsung AnyWeb Print\GwHH.exe (?) HKLM_Extensions\{328ECD19-C167-40eb-A0C7-16FE7634105E} - "Samsung AnyWeb Print" (C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll,300) HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Wyślij do interfejsu Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{AA609D72-8482-4076-8991-8CDAE5B93BCB} - "W2PBrowser Class" (C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll) BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 01/09/2011 17:41:16 (5591 Byte(s)) End at: 17:42:08, 01/09/2011 ============== E.O.F ==============