======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 20:17:09 on 15/12/2011, Normal boot Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Maja@DOM-183CAF24619 ( ) ============== SEARCH ============== File found: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job Folder found: C:\Documents and Settings\Maja\Dane aplikacji\Mozilla\FireFox\Profiles\v22gw2wk.default\conduit Folder found: C:\Program Files\Ask.com Folder found: C:\Documents and Settings\Maja\Ustawienia lokalne\Dane aplikacji\AskToolbar Folder found: C:\Documents and Settings\Maja\Ustawienia lokalne\Dane aplikacji\Conduit -- File opened: C:\Documents and Settings\Maja\Dane aplikacji\Mozilla\FireFox\Profiles\v22gw2wk.default\Prefs.js -- Line found: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"jqs@sun.com\":{... -- File closed -- Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key found: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 Key found: HKLM\Software\Classes\Toolbar.CT1460988 Key found: HKLM\Software\Classes\Toolbar.CT2086743 Key found: HKLM\Software\Classes\Toolbar.CT2233703 Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key found: HKLM\Software\AskToolbar Key found: HKLM\Software\Conduit Key found: HKCU\Software\Ask.com Key found: HKCU\Software\AskToolbar Key found: HKCU\Software\PriceGong Key found: HKCU\Software\Toolbar Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{62F0E98B-6277-4DB0-8D3F-3ADF99C97455} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [8.0.1 (pl)] **** HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) -- C:\Documents and Settings\Maja\Dane aplikacji\Mozilla\FireFox\Profiles\v22gw2wk.default -- Extensions\zrzuta.eu@gmail.com (Zrzuta.eu) Prefs.js - browser.startup.homepage, wp.pl Prefs.js - browser.startup.homepage_override.mstone, false ======================================== **** Google Chrome Version [16.0.912.63] **** Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx) (x) -- C:\Documents and Settings\Maja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (hxxp://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F) Preferences - homepage: hxxp://wp.pl/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - "Remoting Viewer" (Enabled: true) Plugin - Native Client (Enabled: true) (C:\Documents and Settings\Maja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll) Plugin - "Native Client" (Enabled: true) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) ======================================== **** Internet Explorer Version [6.0.2900.5512] **** HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=bfie&s={searchTerms}&f=4) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "PHPNukeEN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} - "Web Search" (hxxp://startsear.ch/?aff=1&src=sp&cf=81fb20ea-2713-11e1-a72a-00138f58243a&q={sea...) HKCU_Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (x) HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll) HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll) HKCU_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Documents and Settings\Maja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKLM_ElevationPolicy\02bbf348-f0bb-475b-add4-7245e4b39f02 - C:\Program Files\PHPNukeEN\PHPNukeENToolbarHelper.exe (x) HKLM_ElevationPolicy\13a43f02-05b5-46af-9631-5ce1f29da44d - C:\Program Files\4shared.com\4shared.comToolbarHelper.exe (x) HKLM_ElevationPolicy\56453ce1-930d-4ecf-aa3c-0b6ab9e0c429 - C:\Program Files\PHPNukeEN\PHPNukeENToolbarHelper.exe (x) HKLM_ElevationPolicy\6652d13c-1c88-4aaf-a78c-86a6b6a67e8f - C:\Program Files\PHPNukeEN\PHPNukeENToolbarHelper.exe (x) HKLM_ElevationPolicy\9d57efb1-22a4-4554-a912-27a67492061c - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x) HKLM_ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} - C:\Program Files\Ask.com\SaUpdate.exe (?) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "Support.com Toolbar" (C:\Program Files\Ask.com\GenericAskToolbar.dll) BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 15/12/2011 20:17:25 (8108 Byte(s)) End at: 20:19:57, 15/12/2011 ============== E.O.F ==============