======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 17:43:47 on 09/09/2011, Normal boot Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Home@DOM-887DB879954 ( ) ============== SEARCH ============== Folder found: C:\Documents and Settings\Home\Dane aplikacji\Mozilla\FireFox\Profiles\77yihvzx.default\conduit Folder found: C:\Documents and Settings\Home\Dane aplikacji\Mozilla\FireFox\Profiles\77yihvzx.default\ConduitEngine Folder found: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\AskToolbar Folder found: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Conduit -- File opened: C:\Documents and Settings\Home\Dane aplikacji\Mozilla\FireFox\Profiles\77yihvzx.default\Prefs.js -- Line found: user_pref("CT2530240.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT253... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/923243/919034/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2530240", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63443493058760... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2530240/CT2530240... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=pl-pl", "\"... Line found: user_pref("CommunityToolbar.EngineOwner", "CT2530240"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-polska"); Line found: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2530240"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-polska"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&... Line found: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2530240"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2530240"); Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Sep 09 2011 10:13:31 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Sep 09 2011 10:13:31 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "b8d363b6-3847-4f28-96d8-061ade9e117d"); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2530240"); Line found: user_pref("ConduitEngine.FirstServerDate", "06/16/2011 16"); Line found: user_pref("ConduitEngine.FirstTime", true); Line found: user_pref("ConduitEngine.FirstTimeFF3", true); Line found: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line found: user_pref("ConduitEngine.Initialize", true); Line found: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line found: user_pref("ConduitEngine.InstalledDate", "Thu Jun 16 2011 15:21:01 GMT+0200"); Line found: user_pref("ConduitEngine.IsMulticommunity", false); Line found: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line found: user_pref("ConduitEngine.IsOpenUninstallPage", true); Line found: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 16 2011 15:21:01 GMT+0200"); Line found: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Jun 16 2011 15:21:01 GMT+0200"); Line found: user_pref("ConduitEngine.PublisherContainerWidth", 0); Line found: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line found: user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 16 2011 15:20:59 GMT+0200"); Line found: user_pref("ConduitEngine.UserID", "UN50681495590097554"); Line found: user_pref("ConduitEngine.engineLocale", "pl"); Line found: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 16 2011 15:21:01 GMT+0200"); Line found: user_pref("ConduitEngine.initDone", true); -- File closed -- Key found: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E} Key found: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery Key found: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1 Key found: HKLM\Software\Classes\Toolbar.CT2530240 Key found: HKLM\Software\AskToolbar Key found: HKLM\Software\Conduit Key found: HKCU\Software\AskToolbar Key found: HKCU\Software\DataMngr Key found: HKCU\Software\PriceGong Key found: HKCU\Software\Toolbar Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\RelevantKnowledge Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [6.0.2 (pl)] **** Plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) HKLM_MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf (x) HKLM_MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf (x) HKCU_MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) -- C:\Documents and Settings\Home\Dane aplikacji\Mozilla\FireFox\Profiles\77yihvzx.default -- Extensions\fashiolista@fashiolista.com (Add to Fashiolista!) Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Home\\Pulpit Prefs.js - browser.search.defaulturl, Prefs.js - browser.startup.homepage, hxxp://www.google.pl Prefs.js - browser.startup.homepage_override.buildID, 20110902133214 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2 ======================================== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://google.pl/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=NRO2&o=15422&src=crm&q={searchTer...) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Softonic-Polska Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}) HKCU_ElevationPolicy\{D9420AC0-7FFF-413D-B419-52469CCC2485} - C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products Ltd.) HKLM_ElevationPolicy\{4536918A-95A8-498F-B542-CB906C561A43} - C:\Program Files\Google\Update\GoogleUpdate.exe (x) HKLM_ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32} - C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe (x) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 09/09/2011 17:43:50 (10465 Byte(s)) End at: 17:44:27, 09/09/2011 ============== E.O.F ==============