======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Launched at 10:51:31 on 04/12/2011, Normal boot Microsoft Windows 7 Ultimate Service Pack 1 (X64) Zaj@ZAJ-PC (System manufacturer System Product Name) ============== SEARCH ============== Folder found: C:\Users\Zaj\AppData\Roaming\Mozilla\FireFox\Profiles\1uo4ff0u.default\conduit Folder found: C:\Users\Zaj\AppData\Roaming\Mozilla\FireFox\Profiles\1uo4ff0u.default\extensions\vshare@toolbar Folder found: C:\Users\Zaj\AppData\LocalLow\vShare File found: C:\Users\Zaj\Downloads\vshare-plugin.exe -- File opened: C:\Users\Zaj\AppData\Roaming\Mozilla\FireFox\Profiles\1uo4ff0u.default\Prefs.js -- Line found: user_pref("extensions.asktb.cbid", "QO"); Line found: user_pref("extensions.asktb.crumb", "2010.11.29+11.52.08-toolbar001iad-PL-V2Fyc2F3LFBvbGFuZA%3D%3D")... Line found: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}... Line found: user_pref("extensions.asktb.dtid", "YYYYYYYYPL"); Line found: user_pref("extensions.asktb.fresh-install", false); Line found: user_pref("extensions.asktb.l", "dis"); Line found: user_pref("extensions.asktb.last-config-req", "1295554373583"); Line found: user_pref("extensions.asktb.locale", "en_US"); Line found: user_pref("extensions.asktb.o", "16141"); Line found: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Line found: user_pref("extensions.asktb.qsrc", "2871"); Line found: user_pref("extensions.asktb.r", "2"); Line found: user_pref("extensions.asktb.search-suggestions-enabled", true); Line found: user_pref("extensions.enabledItems", "firefox@tvunetworks.com:2,5,3,1,SkipScreen@SkipScreen:0.5.23s,... Line found: user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a2... Line found: user_pref("extensions.vshare@toolbar.update.enabled", false); Line found: user_pref("vshare.install.date", "1297728000000"); Line found: user_pref("vshare.install.dumpFileCount", 0); Line found: user_pref("vshare.install.dumpFileDisabled", false); Line found: user_pref("vshare.install.finished", "1.0.0"); Line found: user_pref("vshare.install.guid", "{d78e8f85-dfda-45ad-ad7b-e41c91a47d7b}"); Line found: user_pref("vshare.install.isHidden", true); Line found: user_pref("vshare.install.istoolbarhp", true); Line found: user_pref("vshare.install.istoolbarsearch", true); Line found: user_pref("vshare.install.laststatreq", "1308960000000"); Line found: user_pref("vshare.install.newtab", true); Line found: user_pref("vshare.install.overlayVersion", 1); Line found: user_pref("vshare.install.userHPSettings", "hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rl... Line found: user_pref("vshare.install.userSPSettings", ""); -- File closed -- Key found: HKLM\Software\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D} Key found: HKLM\Software\Classes\vShare.ScriptHelpers Key found: HKLM\Software\Classes\vShare.ScriptHelpers.1 Key found: HKCU\Software\Ask.com Key found: HKCU\Software\AppDataLow\Software\AskToolbar Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Classes\PROTOCOLS\Handler\vsharechrome ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [8.0.1 (pl)] **** HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\Zaj\AppData\Roaming\Mozilla\FireFox\Profiles\1uo4ff0u.default -- Extensions\vshare@toolbar (vShare) Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} (ChatZilla) Prefs.js - browser.download.dir, O: Prefs.js - browser.download.lastDir, O:\\Downloads\\lhart.com\\bus stop Prefs.js - browser.search.defaultenginename, Prefs.js - browser.search.defaulturl, hxxp://babelfish.iamwired.net/search.php?src=tops&q= Prefs.js - browser.startup.homepage, hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official Prefs.js - browser.startup.homepage_override.buildID, 20111120135848 Prefs.js - browser.startup.homepage_override.mstone, rv:8.0.1 ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "Web Search..." (hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp) HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files (x86)\Orbitdownloader\GrabPro.dll) HKLM_Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files (x86)\Orbitdownloader\GrabPro.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\Zaj\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\lip.exe (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{C8D05139-D04A-44A1-822E-6E3737CC880B} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (x) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) BHO\{000123B4-9B42-4900-B3F7-F4B073EFC214} - "Octh Class" (C:\Program Files (x86)\Orbitdownloader\orbitcth.dll) BHO\{8170D7DC-BDD6-461e-88EB-F047257898C9} - "DownloadStudio IE Add-on" (C:\Program Files (x86)\Conceiva\DownloadStudio\DLMonitr.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 04/12/2011 01:32:18 (11846 Byte(s)) C:\Ad-Report-SCAN[2].txt - 04/12/2011 10:51:33 (8553 Byte(s)) End at: 10:51:55, 04/12/2011 ============== E.O.F ==============