======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org D:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 12:51:20 on 19/11/2011, Normal boot Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) WIN@WIN-ABC96AF0B4C ( ) ============== SEARCH ============== Folder found: C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default\conduit Folder found: C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default\ConduitEngine Folder found: C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default\extensions\engine@conduit.com File found: C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default\searchplugins\conduit.xml Folder found: C:\Documents and Settings\WIN\Ustawienia lokalne\Dane aplikacji\Conduit Folder found: C:\Documents and Settings\WIN\Ustawienia lokalne\Dane aplikacji\ConduitEngine Folder found: C:\Program Files\ConduitEngine Folder found: C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games -- File opened: C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default\Prefs.js -- Line found: user_pref("CT2304157.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line found: user_pref("CT2304157.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT230... Line found: user_pref("CT2304157.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/PL", "\"0\"... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428543113243... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634... Line found: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine"); Line found: user_pref("CommunityToolbar.IsEngineShown", true); Line found: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Line found: user_pref("CommunityToolbar.ToolbarsList", "CT2304157,ConduitEngine"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2304157,ConduitEngine"); Line found: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 10 2011 21:26:37 GMT+02... Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 14:02:33 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jun 25 2011 14:03:44 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "a81917b5-f409-41a4-a4d5-b9b3ac4986e8"); Line found: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Dec 25 2010 11:52:06 GMT+0100"); Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2304157"); Line found: user_pref("CommunityToolbar.twitter.user_21817319.LastCheckTime", "Sat Feb 27 2010 22:01:38 GMT+0100... Line found: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun May 22 2011 19:20:27 GMT+0200"); Line found: user_pref("ConduitEngine.CTID", "ConduitEngine"); Line found: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Jun 23 2011 15:25:24 GMT+0200"); Line found: user_pref("ConduitEngine.FirstServerDate", "12/25/2010 13"); Line found: user_pref("ConduitEngine.FirstTime", true); Line found: user_pref("ConduitEngine.FirstTimeFF3", true); Line found: user_pref("ConduitEngine.FixPageNotFoundErrors", false); Line found: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line found: user_pref("ConduitEngine.HideEngineAfterRestart", false); Line found: user_pref("ConduitEngine.Initialize", true); Line found: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line found: user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Line found: user_pref("ConduitEngine.InstalledDate", "Sat Dec 25 2010 11:52:06 GMT+0100"); Line found: user_pref("ConduitEngine.IsMulticommunity", false); Line found: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line found: user_pref("ConduitEngine.IsOpenUninstallPage", false); Line found: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Jun 25 2011 14:03:46 GMT+0200"); Line found: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Wed Jan 26 2011 19:10:24 GMT+0100"); Line found: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Jun 25 2011 14:03:45 GMT+0200"); Line found: user_pref("ConduitEngine.PublisherContainerWidth", 0); Line found: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line found: user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C... Line found: user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Jun 25 2011 14:03:46 GMT+0200"); Line found: user_pref("ConduitEngine.UserID", "UN25740780366198381"); Line found: user_pref("ConduitEngine.engineLocale", "pl"); Line found: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Jun 25 2011 14:03:46 GMT+0200"); Line found: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Jun 25 2011 10:58:08 GMT+0200"); Line found: user_pref("ConduitEngine.initDone", true); Line found: user_pref("ConduitEngine.isAppTrackingManagerOn", true); Line found: user_pref("ConduitEngine.usagesFlag", 2); Line found: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&Sea... -- File closed -- Key found: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Classes\CLSID\{52731ABB-E520-45F6-813E-04332468CC78} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{52731ABB-E520-45F6-813E-04332468CC78} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2304157 Key found: HKLM\Software\Classes\Toolbar.CT2786678 Key found: HKLM\Software\Conduit Key found: HKLM\Software\conduitEngine Key found: HKCU\Software\Conduit Key found: HKCU\Software\conduitEngine Key found: HKCU\Software\PopCap Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FBB558A-41D6-430C-9532-4BB0B979B5B2} Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== ADDITIONNAL SCAN ============== -- C:\Documents and Settings\WIN\Dane aplikacji\Mozilla\FireFox\Profiles\cwrzww6l.default -- Extensions\2020Player@2020Technologies.com (20-20 3D Viewer) Extensions\2020Player_IKEA@2020Technologies.com (20-20 3D Viewer - IKEA) Extensions\engine@conduit.com (Conduit Engine ) Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms} /) Prefs.js - browser.download.lastDir, D:\\Micha³\\Wszystko\\Walka z wirusem Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms} Prefs.js - browser.startup.homepage, hxxp://www.onet.pl/# Prefs.js - browser.startup.homepage_override.buildID, 20111104165243 Prefs.js - browser.startup.homepage_override.mstone, rv:8.0 ======================================== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "XfireXO Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files\ConduitEngine\ConduitEngine.dll) HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files\ConduitEngine\ConduitEngine.dll) HKLM_ElevationPolicy\038d56af-afba-40bb-8d92-712b1048af48 - C:\Program Files\XfireXO\XfireXOToolbarHelper.exe (x) HKLM_ElevationPolicy\293c9e7a-b70c-4a30-89d3-9f792c673278 - C:\Program Files\XfireXO\XfireXOToolbarHelper.exe (x) HKLM_ElevationPolicy\dd019259-d31c-4196-84d2-bdc6475a1868 - C:\Program Files\XfireXO\XfireXOToolbarHelper.exe (x) HKLM_ElevationPolicy\{4FBB558A-41D6-430C-9532-4BB0B979B5B2} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (Conduit Ltd.) HKLM_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Program Files\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll) BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (D:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL) ======================================== D:\Program Files\Ad-Remover\Quarantine: 0 File(s) D:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 19/11/2011 12:51:38 (9981 Byte(s)) End at: 12:52:20, 19/11/2011 ============== E.O.F ==============