======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 21:04:26 on 11/09/2011, Normal boot

Microsoft Windows 7 Home Premium   (X64) 
USER@USER-KOMPUTER (ASUSTeK Computer INC. K50AB) 
 
============== SEARCH ==============


File found: C:\Program Files (x86)\Mozilla FireFox\Components\AskHPRFF.js
Folder found: C:\Users\USER\AppData\LocalLow\AskToolbar

Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key found: HKLM\Software\Classes\Toolbar.CT2417076
Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key found: HKCU\Software\Ask.com
Key found: HKCU\Software\AppDataLow\AskBarDis
Key found: HKCU\Software\AppDataLow\AskHomePage
Key found: HKCU\Software\AppDataLow\AskToolbarInfo
Key found: HKCU\Software\AppDataLow\HavingFunOnline
Key found: HKCU\Software\AppDataLow\Software\AskToolbar
Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKLM\Software\Classes\.flv\OpenWithList\FLVPlayer.exe


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [3.6.2pre (pl)] ****

Plugins\npwachk.dll (Nullsoft, Inc.)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl.anonymize-me.de/?)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl.anonymize-me.de/?)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl.anonymize-me.de/?)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl.anonymize-me.de/?)
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org.anonymize-me.de/?)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl.anonymize-me.de/?)
Components\AskHPRFF.js
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox		)
Extensions\{c3743f34-4dfb-8422-7f87-75d9b3abf628} (LoudMo Contextual Ad Assistant)

-- C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\s7temqxv.default --
Extensions\zrzuta.eu@gmail.com (Zrzuta.eu)
Searchplugins\{620689D7-502B-40BF-9A6B-1D272323E1DC}.xml (hxxp://www.pricerunner.de.anonymize-me.de/?)
Searchplugins\{6DA62CAA-4F6F-41B0-B3CA-FAFF880E9431}.xml (hxxp://www.amazon.de.anonymize-me.de/?)
Searchplugins\{8E392730-D60A-4FA2-A2CD-1ED51CFCBAA7}.xml (hxxp://search.ebay.de.anonymize-me.de/?)
Searchplugins\{C2647924-9F80-4D8A-95D1-B444B6E4BAE9}.xml (hxxp://www.myvideo.de.anonymize-me.de/?)
Searchplugins\{FDB04742-AC5E-4474-8133-B280BCDCE057}.xml (hxxp://www.otto.de.anonymize-me.de/?)
Prefs.js - browser.download.lastDir, C:\\Users\\USER\\Desktop\\złudzenia optyczne
Prefs.js - browser.search.selectedEngine, 
Prefs.js - browser.startup.homepage_override.mstone, false

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://www.google.com
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_SearchScopes\{11FFA94F-DFC6-40AF-9944-9AA7DFBC4508} - "Preisvergleich" (hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={s...)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com.anonymize-me.de/?anonymto=687474703A2F2F776562736561726...)
HKCU_SearchScopes\{686FC442-EEC7-42CA-9FD9-9E57FD66598B} - "Search" (hxxp://flvdirect.iamwired.net.anonymize-me.de/?anonymto=687474703A2F2F666C766469...)
HKCU_SearchScopes\{710791B4-7EBA-4CE8-98F7-D05799DA4B61} - "Wikipedia" (hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st=...)
HKCU_SearchScopes\{825F1796-55E1-4A60-9940-25EE8E9EDF07} - "Amazon" (hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&cli...)
HKCU_SearchScopes\{C192F2BE-8FEC-4233-A33D-15778B269665} - "MyVideo" (hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&...)
HKCU_SearchScopes\{C9E7E262-232D-4507-A71A-85C1739A03AD} - "eBay.de" (hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=0...)
HKCU_SearchScopes\{D3542984-5C52-4C22-BB5F-B3CE0F37C3D2} - "OTTO" (hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=0a85...)
HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (x)
HKLM_ElevationPolicy\aa893cdb-e8c5-4fee-b1a1-bbb97da012db - C:\Program Files (x86)\gry\gryToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{28A36D69-07EA-44CE-B298-1A8B3E8B6FE1} - C:\Program Files (x86)\Skype\Phone\Skype.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 11/09/2011 21:04:30 (6867 Byte(s)) 

End at: 21:06:44, 11/09/2011 
 
============== E.O.F ==============