======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 13:28:47 on 08/09/2011, Normal boot Microsoft Windows 7 Ultimate (X64) Damian@FERRARI ( ) ============== SEARCH ============== Folder found: C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default\conduit Folder found: C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default\ConduitEngine Folder found: C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default\extensions\engine@conduit.com File found: C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default\searchplugins\conduit.xml Folder found: C:\Program Files (x86)\Conduit Folder found: C:\Program Files (x86)\ConduitEngine Folder found: C:\Users\Damian\AppData\LocalLow\PriceGong -- File opened: C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default\Prefs.js -- Line found: user_pref("CT2530240.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT253... Line found: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2530240"); Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/923243/919034/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2530240", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2530240",... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2530240/CT2530240... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=pl-pl", "\"... Line found: user_pref("CommunityToolbar.EngineHiddenByUser", true); Line found: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine"); Line found: user_pref("CommunityToolbar.IsEngineShown", true); Line found: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Line found: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2530240"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2530240"); Line found: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Jul 16 2011 21:11:59 GMT+02... Line found: user_pref("CommunityToolbar.alert.alertEnabled", true); Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Sep 07 2011 21:05:57 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Sep 07 2011 18:43:52 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "65a637e1-20ca-4746-9d40-1d409afb6a2f"); Line found: user_pref("CommunityToolbar.globalUserId", "80ce5cd6-44a9-40f0-9df4-416cf93fae1e"); Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2530240"); Line found: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Fri Aug 26 2011 19:28:50 GMT+0200"); Line found: user_pref("ConduitEngine.CTID", "ConduitEngine"); Line found: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Sep 07 2011 18:43:53 GMT+0200"); Line found: user_pref("ConduitEngine.FirstServerDate", "05/05/2011 21"); Line found: user_pref("ConduitEngine.FirstTime", true); Line found: user_pref("ConduitEngine.FirstTimeFF3", true); Line found: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line found: user_pref("ConduitEngine.Initialize", true); Line found: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line found: user_pref("ConduitEngine.InstalledDate", "Thu May 05 2011 20:31:29 GMT+0200"); Line found: user_pref("ConduitEngine.IsMulticommunity", false); Line found: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line found: user_pref("ConduitEngine.IsOpenUninstallPage", true); Line found: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Sep 07 2011 18:43:53 GMT+0200"); Line found: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Sep 08 2011 13:14:22 GMT+0200"); Line found: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line found: user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Sep 08 2011 13:14:13 GMT+0200"); Line found: user_pref("ConduitEngine.UserID", "UN11387495057507596"); Line found: user_pref("ConduitEngine.componentAlertEnabled", false); Line found: user_pref("ConduitEngine.engineLocale", "pl"); Line found: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Sep 07 2011 18:43:53 GMT+0200"); Line found: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Sep 08 2011 13:14:24 GMT+0200"); Line found: user_pref("ConduitEngine.initDone", true); Line found: user_pref("ConduitEngine.isAppTrackingManagerOn", true); Line found: user_pref("ConduitEngine.usagesFlag", 1); Line found: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&Sea... -- File closed -- Key found: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2530240 Key found: HKCU\Software\AppDataLow\Software\PriceGong Key found: HKCU\Software\AppDataLow\Software\Toolbar Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [4.0.1 (pl)] **** HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox ) -- C:\Users\Damian\AppData\Roaming\Mozilla\FireFox\Profiles\0bwzt7e9.default -- Extensions\engine@conduit.com (Conduit Engine ) Extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (Softonic-Polska Community Toolbar) Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&SearchSource=3&q={searchTerms} /) Prefs.js - browser.search.defaultenginename, Yahoo Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&SearchSource=3&q={searchTerms} Prefs.js - browser.search.selectedEngine, Yahoo Prefs.js - browser.startup.homepage, www.google.pl Prefs.js - browser.startup.homepage_override.buildID, 20110413222027 Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1 Prefs.js - keyword.URL, hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&p= ======================================== **** Internet Explorer Version [8.0.7600.16385] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (x) HKCU_Toolbar\WebBrowser|{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} (x) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 08/09/2011 13:29:12 (11896 Byte(s)) End at: 13:30:04, 08/09/2011 ============== E.O.F ==============