======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 15:44:37 on 21/09/2011, Normal boot Microsoft Windows 7 Professional Service Pack 1 (X86) 3ndriu@3NDRIU-KOMPUTER (LENOVO 20023) ============== SEARCH ============== Folder found: C:\Users\3ndriu\AppData\Local\Conduit Folder found: C:\Users\3ndriu\AppData\LocalLow\Conduit Folder found: C:\Program Files\Conduit Folder found: C:\Users\3ndriu\AppData\LocalLow\ConduitEngine Folder found: C:\Program Files\ConduitEngine Folder found: C:\Program Files\Application Updater Folder found: C:\Users\3ndriu\AppData\LocalLow\pdfforge Folder found: C:\Program Files\pdfforge Toolbar Folder found: C:\Users\3ndriu\AppData\LocalLow\Search Settings Folder found: C:\Program Files\Common Files\Spigot Folder found: C:\Program Files\WinSCP\OpenCandy Key found: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Classes\CLSID\{AC6240AE-33B6-40D3-8683-31BBE86049A0} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0} Key found: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key found: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2776682 Key found: HKLM\Software\Application Updater Key found: HKLM\Software\Conduit Key found: HKLM\Software\conduitEngine Key found: HKLM\Software\pdfforge Key found: HKLM\Software\Search Settings Key found: HKCU\Software\PartyGaming Key found: HKCU\Software\Zugo Key found: HKCU\Software\AppDataLow\Toolbar Key found: HKCU\Software\AppDataLow\Software\Conduit Key found: HKCU\Software\AppDataLow\Software\conduitEngine Key found: HKCU\Software\AppDataLow\Software\pdfforge Key found: HKCU\Software\AppDataLow\Software\Search Settings Key found: HKLM\Software\Classes\Installer\Products\7A931B0A5D8E8E947AFB2124E1562280 Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280 Key found: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Readar_sl Key found: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC32ADB8-05FD-4E01-85A4-004390FB1A12} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== ADDITIONNAL SCAN ============== -- C:\Users\3ndriu\AppData\Roaming\Mozilla\FireFox\Profiles\3fyc3lmq.default -- Prefs.js - browser.search.selectedEngine, Prefs.js - browser.startup.homepage, Prefs.js - browser.startup.homepage_override.mstone, false ======================================== **** Google Chrome Version [14.0.835.186] **** Extension\naipdapbimiiikbbgjcpbgmfhnlbagpj (C:\Users\3ndriu\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx) (x) -- C:\Users\3ndriu\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.pl/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\3ndriu\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{51a86bb3-6602-4c85-92a5-130ee4864f13} - "BrotherSoft Extreme Toolbar" (C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll) HKLM_URLSearchHooks|{51a86bb3-6602-4c85-92a5-130ee4864f13} - "BrotherSoft Extreme Toolbar" (C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll) HKCU_SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57} - "Yahoo!" (hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_nam...) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "BrotherSoft Extreme Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "BrotherSoft Extreme Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (x) HKLM_Toolbar|{51a86bb3-6602-4c85-92a5-130ee4864f13} (C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll) HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files\ConduitEngine\prxConduitEngine.dll) HKLM_ElevationPolicy\{0002df01-0000-0000-c000-000000000046} - C:\Program Files\Internet Explorer\iexplore.exe (x) HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{25B8DF97-7058-4584-8864-55DB1BED836B} - C:\Windows\system32\spool\DRIVERS\W32X86\3\novaclk6.exe (Softland) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{88B8B1B8-7E04-4237-B6DC-4E507EA4AF2A} - C:\Users\3ndriu\AppData\Local\Conduit\CT2776682\BrotherSoft_ExtremeAutoUpdateHelper.exe (?) HKLM_ElevationPolicy\{AC32ADB8-05FD-4E01-85A4-004390FB1A12} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (?) HKLM_ElevationPolicy\{D29F2B1A-0793-4B0E-8873-925D0419EED9} - C:\Program Files\BrotherSoft_Extreme\BrotherSoft_ExtremeToolbarHelper.exe (?) HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\Lenovo\Bluetooth Software\bt_cold_icon.ico) BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine " (C:\Program Files\ConduitEngine\prxConduitEngine.dll) BHO\{51a86bb3-6602-4c85-92a5-130ee4864f13} - "BrotherSoft Extreme Toolbar" (C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll) BHO\{D2C5E510-BE6D-42CC-9F61-E4F939078474} - "Lexmark " (C:\Program Files\Lexmark Printable Web\bho.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 21/09/2011 15:44:47 (7438 Byte(s)) End at: 15:46:14, 21/09/2011 ============== E.O.F ==============