======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Launched at 16:58:19 on 10/12/2011, Normal boot Microsoft Windows XP Home Edition Service Pack 2 (X86) qbar@YOUR-E0367A1424 ( ) ============== SEARCH ============== Folder found: C:\Documents and Settings\qbar\Local Settings\Application Data\Conduit Key found: HKLM\Software\Classes\CLSID\{601ac3dc-786a-4eb0-bf40-ee3521e70bfb} Key found: HKLM\Software\Classes\CLSID\{72b3882f-453a-4633-aac9-8c3dced62aff} Key found: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393} Key found: HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} Key found: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2} Key found: HKLM\Software\pandobar Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine ============== ADDITIONNAL SCAN ============== **** Google Chrome Version [15.0.874.121] **** -- C:\Documents and Settings\qbar\Local Settings\Application Data\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: true Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Documents and Settings\qbar\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "npFFApi" (Enabled: true) ======================================== **** Internet Explorer Version [6.0.2900.2180] **** HKCU_Main|Search bar - hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR HKCU_Main|Search Page - hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR HKCU_Main|Start Page - hxxp://www.google.pl/ HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "ZoneAlarm Security Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Documents and Settings\qbar\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKLM_ElevationPolicy\313c28cc-39ab-4929-8dfa-edf95f23cb0d - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) BHO\{5CA3D70E-1895-11CF-8E15-001234567890} - "DriveLetterAccess" (C:\WINDOWS\system32\dla\tfswshx.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[2].txt - 10/12/2011 16:58:23 (511 Byte(s)) End at: 16:58:51, 10/12/2011 ============== E.O.F ==============