======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Launched at 15:15:03 on 07/01/2012, Normal boot Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64) Jola@JOLA-PC (Gateway MD7818U) ============== SEARCH ============== Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [9.0.1 (pl)] **** Plugins\npdeployJava1.dll (Oracle Corporation) Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\Jola\AppData\Roaming\IDM\idmmzcc5 -- C:\Users\Jola\AppData\Roaming\Mozilla\FireFox\Profiles\efj8w1d6.default -- Prefs.js - browser.download.lastDir, C:\\Users\\Jola\\Downloads Prefs.js - browser.search.defaultenginename, Winamp Search Prefs.js - browser.search.defaulturl, hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinamp... Prefs.js - browser.search.selectedEngine, Winamp Search Prefs.js - browser.startup.homepage, hxxp://www.interia.pl/ Prefs.js - browser.startup.homepage_override.buildID, 20111220165912 Prefs.js - browser.startup.homepage_override.mstone, rv:9.0.1 Prefs.js - keyword.URL, hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1208&m=md7818u&c=BB HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Page_URL - hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1208&m=md7818u&c=BB HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1208&m=md7818u&c=BB HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=IMB&o=&src=crm&q={searchTerms}&lo...) HKCU_Toolbar\WebBrowser|{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} (x) HKLM_Toolbar|{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} (C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.) HKCU_ElevationPolicy\{1CB66F3D-5B2E-4BFE-BC1A-FADB8008D05E} - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) HKCU_ElevationPolicy\{B37DDDE4-3340-4A50-A304-2E1D91AB18AF} - C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe (x) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files (x86)\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files (x86)\google\googletoolbar1user.exe (x) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files (x86)\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\Common Files\DivX Shared\DesktopService\DDMService.exe (DivX, LLC) HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe (Oracle Corporation) HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.) HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll) BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5