======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 20:48:40 on 10/10/2011, Normal boot Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Gosia@IBM-172E9A65862 ( ) ============== SEARCH ============== Folder found: C:\Program Files\Fast Browser Search Folder found: C:\Documents and Settings\Gosia\Menu Start\Programy\PopCap Games Folder found: C:\Documents and Settings\All Users\Menu Start\Programy\PopCap Games Folder found: C:\Program Files\Search Guard PlusU Folder found: C:\Program Files\SGPSA Folder found: C:\Program Files\Trymedia Folder found: C:\Program Files\Red Kawa\Video Converter App\OpenCandy Key found: HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Key found: HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Key found: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Key found: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Key found: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Key found: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Key found: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key found: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Key found: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Key found: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Key found: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key found: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Key found: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Key found: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Key found: HKLM\Software\Classes\Interface\{8D292EC0-6792-4A38-82ED-73A087E41BA6} Key found: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Key found: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Key found: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Key found: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Key found: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Key found: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Key found: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Key found: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Key found: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Key found: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Key found: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Key found: HKLM\Software\Classes\TypeLib\{DC3020B4-815F-427B-A5DA-82DC6634EBAD} Key found: HKLM\Software\Classes\TypeLib\{DF8AC7EC-373F-4606-9049-E6DA55CC5D05} Key found: HKLM\Software\Classes\TypeLib\{F0CF944C-F160-4F65-8F0A-2773322FF357} Key found: HKLM\Software\AskBarDis Key found: HKLM\Software\OpenCandy Key found: HKLM\Software\PopCap Key found: HKCU\Software\FunWebProducts Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PopCap Games Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC8E56DC-EDD7-4E09-BC0F-B263DDC0AFA1} Key found: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Key found: HKLM\Software\Classes\MIME\Database\Content Type\Application/x-f3embed Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [2.0 (en-US)] **** HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x) Searchplugins\amazondotcom.xml (hxxp://www.amazon.com/exec/obidos/external-search/) Searchplugins\answers.xml (hxxp://www.answers.com/main/ntquery) Searchplugins\creativecommons.xml (hxxp://search.creativecommons.org/) Searchplugins\eBay.xml (hxxp://search.ebay.com/search/search.dll) Extensions\real-networks@partners.mozilla.com (Real Networks Settings) Extensions\talkback@mozilla.org (Talkback) -- C:\Documents and Settings\Gosia\Dane aplikacji\Mozilla\FireFox\Profiles\r5d67rei.default -- Prefs.js - browser.search.selectedEngine, Live Search Prefs.js - browser.startup.homepage, hxxp://www.live.com/ Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.0.6 Prefs.js - keyword.URL, hxxp://search.live.com/results.aspx?mkt=pl-pl&FORM=MICPPL&q= ======================================== **** Internet Explorer Version [7.0.5730.11] **** HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie HKCU_Main|SearchAssistant - hxxp://search.bearshare.com/sidebar.html?src=ssb HKCU_Main|SearchMigratedDefaultURL - hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKCU_Main|Search bar - hxxp://www.google.com/ie HKCU_Main|Search Page - hxxp://www.google.com HKCU_Main|Start Page - hxxp://www.google.pl/ HKLM_Main|Default_Page_URL - hxxp://www.yahoo.com HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://www.yahoo.com AboutUrls|Tabs - hxxp://www.fastbrowsersearch.com/new-tab/?v=18&tid=0 HKCU_URLSearchHooks|_{CFBFAE00-17A6-11D0-99CB-00C04FD64497} (x) HKCU_URLSearchHooks|{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (x) HKCU_SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9} - "Fast Browser Search" (hxxp://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DS...) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}) HKCU_SearchScopes\{EC8E56DC-EDD7-4E09-BC0F-B263DDC0AFA1} - "Dealio" (hxxp://www.dealio.com/products.html?kwd={searchTerms}) HKCU_Toolbar\ShellBrowser|{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} (x) HKCU_Toolbar\WebBrowser|{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (x) HKCU_Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} (x) HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (x) HKLM_Toolbar|{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (x) HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (x) HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{5CA3D70E-1895-11CF-8E15-001234567890} - "DriveLetterAccess" (C:\WINDOWS\system32\dla\tfswshx.dll) BHO\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4} (?) BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik rejestracji usługi Windows Live" (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll) BHO\{F0626A63-410B-45E2-99A1-3F2475B2D695} (?) BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - "IEPluginBHO Class" (C:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 10/10/2011 20:48:59 (4540 Byte(s)) End at: 20:49:53, 10/10/2011 ============== E.O.F ==============