======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 17:39:13 on 24/11/2011, Normal boot Microsoft Windows 7 Home Premium Service Pack 1 (X64) Greg@GREG-KOMPUTER (Gigabyte Technology Co., Ltd. EX58-UD3R) ============== SEARCH ============== Folder found: C:\Program Files (x86)\Conduit Folder found: C:\Users\Greg\AppData\LocalLow\vShare Key found: HKLM\Software\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} Key found: HKLM\Software\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D} Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key found: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key found: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key found: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key found: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Key found: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key found: HKLM\Software\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24} Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key found: HKLM\Software\Classes\Toolbar.CT2465030 Key found: HKLM\Software\Classes\vShare.IMedixProtocol Key found: HKLM\Software\Classes\vShare.IMedixProtocol.1 Key found: HKLM\Software\Classes\vShare.PugiObj Key found: HKLM\Software\Classes\vShare.PugiObj.1 Key found: HKLM\Software\Classes\vShare.ScriptHelpers Key found: HKLM\Software\Classes\vShare.ScriptHelpers.1 Key found: HKLM\Software\Classes\AppID\AutocompletePro.DLL Key found: HKLM\Software\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key found: HKLM\Software\Conduit Key found: HKCU\Software\Ask.com Key found: HKCU\Software\AutocompletePro Key found: HKCU\Software\AutocompleteProBHO Key found: HKCU\Software\Zugo Key found: HKCU\Software\AppDataLow\AskToolbarInfo Key found: HKCU\Software\AppDataLow\Software\AskToolbar Key found: HKCU\Software\AppDataLow\Software\Conduit Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Classes\PROTOCOLS\Handler\vsharechrome Key found: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{043C5167-00BB-4324-AF7E-62013FAEDACF} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{043C5167-00BB-4324-AF7E-62013FAEDACF} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [8.0.1 (pl)] **** Plugins\npganymedenet.dll ( ) HKLM_MozillaPlugins\@esn.me/esnsonar,version=0.70.0 (x) HKLM_MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0 (x) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype Click to Call) HKLM_Extensions|fe_7.0@nokia.com - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 -- C:\Users\Greg\AppData\Roaming\Mozilla\FireFox\Profiles\2ds0vpi7.default -- Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.12 ======================================== **** Google Chrome Version [17.0.942.0] **** Extension\defdhglnppeioeflggkmglipcecffkhk (C:\Program Files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx) (x) Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx) (x) Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?) -- C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.pl/ Preferences - homepage_is_newtabpage: false Plugin - Shockwave Flash (Enabled: false) (C:\Users\Greg\AppData\Local\Google\Chrome\User Data\PepperFlash\11.0.31.200\pepflashplayer.dll) Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - "Remoting Viewer" (Enabled: true) Plugin - Native Client (Enabled: true) (C:\Users\Greg\AppData\Local\Google\Chrome\Application\17.0.942.0\ppGoogleNaClPluginChrome.dll) Plugin - "Native Client" (Enabled: true) Plugin - Skype Toolbars (Enabled: true) (C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll) Plugin - "Skype Toolbars" (Enabled: true) Plugin - "Java" (Enabled: true) Plugin - "GanymedeNet.Detector" (Enabled: true) Plugin - "Picasa" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - NVIDIA 3D Vision (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll) Plugin - "NVIDIA 3D Vision" (Enabled: true) Plugin - NVIDIA 3D VISION (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll) Plugin - "NVIDIA 3D VISION" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://google.pl/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - "DeviceVM Url Search Hook" (C:\Windows\SysWOW64\dvmurl.dll) HKCU_SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "Web Search..." (hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp) HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch) HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=CLM&o=&src=crm&q={searchTerms}&lo...) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "mipony-plugin Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "mipony-plugin Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_Toolbar\WebBrowser|{043C5167-00BB-4324-AF7E-62013FAEDACF} (C:\Program Files (x86)\vShare\vshare_toolbar.dll) (x) HKLM_Toolbar|{043C5167-00BB-4324-AF7E-62013FAEDACF} (C:\Program Files (x86)\vShare\vshare_toolbar.dll) (x) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (x) HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (x) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\Greg\AppData\Local\Google\Chrome\Application\16.0.889.0\chrome_launcher.exe (x) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (x) HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (x) HKLM_ElevationPolicy\2627e905-bd2f-4bf6-a3df-5861f20b0e68 - C:\Program Files (x86)\mipony-plugin\mipony-pluginToolbarHelper.exe (x) HKLM_ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\lip.exe (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{49CF0734-BF9A-4444-BC9F-C26E56AF042F} - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\SonarHost.exe (x) HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files (x86)\Ask.com\SaUpdate.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (x) HKLM_Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086} - "?" (?) BHO\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "vShare Plugin" (C:\Program Files (x86)\vShare\vshare_toolbar.dll) (x) BHO\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - "CIESpeechBHO Class" (C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll) BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 24/11/2011 17:39:22 (11908 Byte(s)) End at: 17:40:15, 24/11/2011 ============== E.O.F ==============