======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 19:16:24 on 07/09/2011, Normal boot

Microsoft Windows 7 Ultimate  Service Pack 1 (X86) 
Ernest@ERNEST-KOMPUTER (System manufacturer System Product Name) 
 
============== SEARCH ==============


File found: C:\Users\Ernest\AppData\Roaming\Readar_sl.exe
Folder found: C:\Users\Ernest\AppData\LocalLow\FunWebProducts
Folder found: C:\Program Files\FunWebProducts
Folder found: C:\Users\Ernest\AppData\LocalLow\MyWebSearch
Folder found: C:\Program Files\MyWebSearch
Folder found: C:\ProgramData\Trymedia

-- File opened: C:\Users\Ernest\AppData\Roaming\Mozilla\FireFox\Profiles\civoq7po.default\Prefs.js --
Line found: user_pref("browser.search.selectedEngine", "qooqlle"); 
Line found: user_pref("browser.startup.homepage", "hxxp://www.qooqlle.com/"); 
-- File closed --
 

Key found: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key found: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key found: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Key found: HKLM\Software\Classes\TypeLib\{A4BCA928-B566-49C6-AEF1-50BF8673F5CF}
Key found: HKLM\Software\Classes\Toolbar.CT2619605
Key found: HKLM\Software\FocusInteractive
Key found: HKLM\Software\Fun Web Products
Key found: HKLM\Software\MyWebSearch
Key found: HKLM\Software\Trymedia Systems
Key found: HKCU\Software\IEBarProperties
Key found: HKCU\Software\MyWebSearch
Key found: HKCU\Software\AppDataLow\Software\Conduit
Key found: HKCU\Software\AppDataLow\Software\Fun Web Products
Key found: HKCU\Software\AppDataLow\Software\FunWebProducts
Key found: HKCU\Software\AppDataLow\Software\MarketPrecision
Key found: HKCU\Software\AppDataLow\Software\MyWebSearch
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key found: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Key found: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key found: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Value found: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Readar_sl
Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [6.0.1 (pl)] ****

Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\fcmdSrchddr.xml (hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
Searchplugins\McSiteAdvisor.xml (	hxxp://search.yahoo.com/search)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms})
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Click to call with Skype)
HKLM_Extensions|{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ (x)
HKLM_Extensions|{4bcdbfd0-fa26-11de-8a39-0800200c9a66} - C:\Users\Ernest\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} (x)

-- C:\Users\Ernest\AppData\Roaming\Mozilla\FireFox\Profiles\civoq7po.default --
Searchplugins\search.xml (?)
Prefs.js - browser.search.selectedEngine, qooqlle
Prefs.js - browser.startup.homepage, hxxp://www.qooqlle.com/
Prefs.js - browser.startup.homepage_override.mstone, false

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Search bar - hxxp://www.tangosearch.com/?useie5=1&q=
HKCU_Main|Start Page - hxxp://www.qooqlle.com/
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search bar - hxxp://www.tangosearch.com/?useie5=1&q=
HKCU_URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - "SearchHook Class" (C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll)
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Search" (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15158&src=crm&q={searchTe...)
HKCU_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZJxdm130YYPL&ptb=KzNDn...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "jdownloader-pro Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_SearchScopes\{D4391ED1-FE9C-44CB-A656-F43BB308FC8B} - "Search" (hxxp://www.tangosearch.com/?q={searchTerms}&a=SEARCH)
HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZJxdm130YYPL&ptb=KzNDn...)
HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "jdownloader-pro Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{D4391ED1-FE9C-44CB-A656-F43BB308FC8B} - "Search" (hxxp://www.tangosearch.com/?q={searchTerms}&a=SEARCH)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_ElevationPolicy\40a28544-0d54-4f4f-9802-9c67ad5a3354 - C:\Program Files\jdownloader-pro\jdownloader-proToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{2211118d-417c-4791-8024-4d098a848551} - C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.87-8876480SL\Program\register.exe (x)
HKLM_ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} - C:\Program Files\MyWebSearch\bar\1.bin\m3impipe.exe (x)
HKLM_ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} - C:\Windows\system32\f3PSSavr.scr (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{7fd136df-fe1b-4e9c-b3a9-3e20315f09c8} - C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.87-8876480SL\Program\PrvCnt.exe (x)
HKLM_ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} - C:\Program Files\MyWebSearch\bar\1.bin\m3SkPlay.exe (x)
HKLM_ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} - C:\Program Files\MyWebSearch\bar\1.bin\m3medint.exe (x)
HKLM_ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} - C:\Program Files\MyWebSearch\bar\1.bin\m3SlSrch.exe (x)
HKLM_ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} - C:\Program Files\MyWebSearch\bar\1.bin\m3SrchMn.exe (x)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL)
BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - "IEPluginBHO Class" () (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 07/09/2011 19:16:36 (10182 Byte(s)) 

End at: 19:17:04, 07/09/2011 
 
============== E.O.F ==============