======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 22:32:19 on 19/09/2011, Normal boot

Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) 
user@USER-53FFA95C5E ( ) 
 
============== SEARCH ==============


File found: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File found: C:\Program Files\Uninstall Fun Web Products.dll
File found: C:\WINDOWS\system32\ConduitEngine.tmp
File found: C:\Documents and Settings\user\Dane aplikacji\Mozilla\FireFox\Profiles\w9g26itg.default\searchplugins\mywebsearch.xml 
Folder found: C:\Program Files\AskSearch
Folder found: C:\Program Files\PartyGaming
Folder found: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Conduit
Folder found: C:\Program Files\FunWebProducts
Folder found: C:\Program Files\MyWebSearch
Folder found: C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games
Folder found: C:\Program Files\PopCap Games
Folder found: C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
Folder found: C:\Program Files\Trymedia

-- File opened: C:\Documents and Settings\user\Dane aplikacji\Mozilla\FireFox\Profiles\w9g26itg.default\Prefs.js --
Line found: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-... 
Line found: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea... 
Line found: user_pref("extensions.mywebsearch.prevKwdEnabled", true); 
Line found: user_pref("extensions.mywebsearch.prevKwdURL", ""); 
Line found: user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm490YYPL&ptb... 
-- File closed --
 

Key found: HKLM\Software\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key found: HKLM\Software\Classes\CLSID\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB}
Key found: HKLM\Software\Classes\TypeLib\{1D4DB7D0-6EC9-47A3-BD87-1E41684E07BB}
Key found: HKLM\Software\Classes\Conduit.Engine
Key found: HKLM\Software\Classes\FunWebProductsInstaller.Start
Key found: HKLM\Software\Classes\FunWebProductsInstaller.Start.1
Key found: HKLM\Software\Classes\Toolbar.CT1708250
Key found: HKLM\Software\Classes\Toolbar.CT2031308
Key found: HKLM\Software\Classes\Toolbar.CT2508618
Key found: HKLM\Software\Classes\Toolbar.CT2776682
Key found: HKLM\Software\Classes\Toolbar.CT3031607
Key found: HKLM\Software\Classes\Toolbar.CT3031818
Key found: HKLM\Software\AskBarDis
Key found: HKLM\Software\Casino.com
Key found: HKLM\Software\Conduit
Key found: HKLM\Software\FocusInteractive
Key found: HKLM\Software\Fun Web Products
Key found: HKLM\Software\FunWebProducts
Key found: HKLM\Software\MyWebSearch
Key found: HKLM\Software\PopCap
Key found: HKLM\Software\Relatedpageinstall
Key found: HKLM\Software\Trymedia Systems
Key found: HKCU\Software\AutocompleteProBHO
Key found: HKCU\Software\Casino.com
Key found: HKCU\Software\FunWebProducts
Key found: HKCU\Software\MyWebSearch
Key found: HKCU\Software\PartyGaming
Key found: HKCU\Software\PopCap
Key found: HKCU\Software\Toolbar
Key found: HKCU\Software\Zugo
Key found: HKCU\Software\AppDataLow\AskSA
Key found: HKLM\Software\Cheat Engine\OpenCandy
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Casino.com
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PartyPoker
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PopCap Games
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key found: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37B85A2B-692B-4205-9CAD-2626E4993404}

Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{043C5167-00BB-4324-AF7E-62013FAEDACF}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [6.0.2 (pl)] ****

HKLM_MozillaPlugins\@funwebproducts.com/Plugin (x)
HKLM_MozillaPlugins\@ngm.nexoneu.com/NxGame (x)
HKLM_MozillaPlugins\@pages.tvunetworks.com/WebPlayer (x)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&amp;sourceid=Mozilla-search)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&amp;q={searchTerms}&amp;mntrId=1436f85f000000000000001fd06a5639&amp;tlver=1.4.19.19&amp;affID=17160/)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&amp;fraza={searchTerms}&amp;skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&amp;r=T&amp;szukaj={searchTerms})
Components\AskSearch.js
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} (Free Lunch Design Toolbar)
Extensions\{B13721C7-F507-4982-B2E5-502A71474FED} (Skype extension for Firefox		)
HKLM_Extensions|{BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
HKLM_Extensions|{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3

-- C:\Documents and Settings\user\Dane aplikacji\Mozilla\FireFox\Profiles\w9g26itg.default --
Searchplugins\mywebsearch.xml (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml)
Prefs.js - browser.search.selectedEngine, My Web Search
Prefs.js - browser.startup.homepage_override.mstone, false
Prefs.js - keyword.URL, hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm490YYPL&ptb=_QI5ezNKSlQLOMy7Wr.g8A&ind=20110...

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Search bar - hxxp://szukaj.wp.pl/szukajneo.html
HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "Web Search..." (hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp)
HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627)
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1436f85f000000000...)
HKCU_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm490YYPL&ptb=_QI5e...)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/webResults.html?src=ieb&q={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Softonic-Polska_ Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm490YYPL&ptb=_QI5e...)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{043C5167-00BB-4324-AF7E-62013FAEDACF} (x)
HKLM_Toolbar|{327C2873-E90D-4c37-AA9D-10AC9BABA46C} (C:\Program Files\Canon\Easy-WebPrint\Toolband.dll)
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\0423448b-1946-4b3e-b23c-58419f150103 - C:\Program Files\Free_Lunch_Design\Free_Lunch_DesignToolbarHelper.exe (x)
HKLM_ElevationPolicy\5f5575d8-2970-4be7-acc5-e1987157208b - C:\Program Files\Free_Lunch_Design\Free_Lunch_DesignToolbarHelper.exe (x)
HKLM_ElevationPolicy\620ccd9f-8c3d-431d-a529-3f8acc654f8d - C:\Program Files\Free_Lunch_Design\Free_Lunch_DesignToolbarHelper.exe (x)
HKLM_ElevationPolicy\9046e355-f09a-4daf-b579-eff022ac44e9 - C:\Program Files\DigitalPowered\DigitalPoweredToolbarHelper.exe (x)
HKLM_ElevationPolicy\f32d9263-5ed4-4090-8e04-73d94cd7eed6 - C:\Program Files\Free_Lunch_Design\Free_Lunch_DesignToolbarHelper.exe (x)
HKLM_ElevationPolicy\{2A9467B4-C085-11DD-BC92-869555D89593} - C:\Program Files\BearShareTb\uninstall.exe (x)
HKLM_ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} - C:\Program Files\MyWebSearch\bar\3.bin\m3impipe.exe (x)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} - C:\WINDOWS\system32\f3PSSavr.scr (x)
HKLM_ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} - C:\Program Files\MyWebSearch\bar\3.bin\m3SkPlay.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} - C:\Program Files\MyWebSearch\bar\3.bin\m3medint.exe (x)
HKLM_ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} - C:\Program Files\MyWebSearch\bar\3.bin\m3SlSrch.exe (x)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} - C:\Program Files\MyWebSearch\bar\3.bin\m3SrchMn.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll)
BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL)
BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - "IEPluginBHO Class" (C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll) (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 0 File(s)

C:\Ad-Report-SCAN[1].txt - 19/09/2011 22:32:33 (12550 Byte(s)) 

End at: 22:33:04, 19/09/2011 
 
============== E.O.F ==============