======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Launched at 19:57:10 on 26/01/2012, Normal boot

Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) 
admin@NIEDBA-661BE5BF ( ) 
 
============== SEARCH ==============


Folder found: C:\Documents and Settings\admin\Dane aplikacji\OpenCandy
Folder found: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\OpenCandy

Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key found: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\RelevantKnowledge

Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Google Chrome Version [16.0.912.77] ****

Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?)
Extension\ihflimipbcaljfnojhhknppphnnciiif (C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoods.crx) (x)
Extension - jfmjfhklogoienhpfnppmbcbjfjnkonk (x)
Extension\mkndcbhcgphcfkkddanakjiepeknbgle (C:\Program Files\RelevantKnowledge\rlcm.crx) (x)

-- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "facemoods" (Enabled: true) (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)
Plugin - Native Client (Enabled: true) (C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll)
Plugin - Flock Update (Enabled: true) (C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Flock\Update\1.2.213.0\npFlockOneClick8.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Remoting Viewer" (Enabled: true)
Plugin - "Native Client" (Enabled: true)
Plugin - "Flock Update" (Enabled: true)

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://start.facemoods.com/?a=ddr
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search bar - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Search" (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll) (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} (C:\Program Files\Ask.com\GenericAskToolbar.dll) (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll)
HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} - "Yahoo! Companion BHO" (C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} - "Ask Toolbar" (C:\Program Files\Ask.com\GenericAskToolbar.dll) (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 2 File(s)

C:\Ad-Report-SCAN[1].txt - 26/01/2012 19:55:31 (5636 Byte(s)) 
C:\Ad-Report-SCAN[2].txt - 26/01/2012 19:57:14 (3314 Byte(s)) 

End at: 19:57:36, 26/01/2012 
 
============== E.O.F ==============