======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 22:29:03 on 27/12/2011, Normal boot Microsoft Windows 7 Professional Service Pack 1 (X64) Konrad@KONRAD-PC (- N/A) ============== SEARCH ============== Key found: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key found: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key found: HKU\.DEFAULT\Software\Ask.com Key found: HKU\.DEFAULT\Software\AskToolbar Key found: HKU\S-1-5-18\Software\Ask.com Key found: HKU\S-1-5-18\Software\AskToolbar Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [9.0.1 (pl)] **** FIREFOX.EXE\Shell\Open\Command - "C:\Users\Konrad\AppData\Local\pit.exe" -a "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Plugins\npNOL3_ns8_mozilla.dll (COMARCH S.A.) HKLM_MozillaPlugins\@comarch.com/NOL,version=3.0 (x) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\Konrad\AppData\Roaming\Mozilla\FireFox\Profiles\mm1z4ahd.default -- Prefs.js - browser.download.lastDir, C:\\Users\\Konrad\\Desktop Prefs.js - browser.search.defaultenginename, Prefs.js - browser.search.selectedEngine, Google Prefs.js - browser.startup.homepage, hxxp://google.com Prefs.js - browser.startup.homepage_override.buildID, 20111220165912 Prefs.js - browser.startup.homepage_override.mstone, rv:9.0.1 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** IEXPLORE.EXE\Shell\Open\Command - C:\Users\Konrad\AppData\Local\pit.exe -a C:\Program Files (x86)\Internet Explorer\iexplore.exe HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 27/12/2011 22:29:07 (3724 Byte(s)) End at: 22:30:16, 27/12/2011 ============== E.O.F ==============