======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Launched at 19:17:08 on 05/06/2011, Normal boot Microsoft Windows 7 Home Premium (X64) SISIEK@SISIEK-KOMPUTER (Dell Inc. Inspiron M5010) ============== ACTION(S) ============== (!) -- Temporary files deleted. Key deleted: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} Key deleted: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} Key deleted: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} Key deleted: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} Key deleted: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} Key deleted: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} Key deleted: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861} Key deleted: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key deleted: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3} Key deleted: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110} Key deleted: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} Key deleted: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} Key deleted: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} Key deleted: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} Key deleted: HKLM\Software\Classes\ClickPotatoLiteAX.info Key deleted: HKLM\Software\Classes\ClickPotatoLiteAX.info.1 Key deleted: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles Key deleted: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1 Key deleted: HKLM\Software\Classes\Conduit.Engine Key deleted: HKLM\Software\Classes\MenuButtonIE.ButtonIE Key deleted: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1 Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic.1 Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp.1 Key deleted: HKLM\Software\Classes\ShopperReports.Stock Key deleted: HKLM\Software\Classes\ShopperReports.Stock.1 Key deleted: HKLM\Software\Classes\Toolbar.CT2504091 Key deleted: HKLM\Software\Classes\Toolbar.CT2530240 Key deleted: HKLM\Software\Classes\AppID\BRNstIE.DLL Key deleted: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} Key deleted: HKLM\Software\Classes\AppID\MenuButtonIE.DLL Key deleted: HKLM\Software\Classes\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} Key deleted: HKLM\Software\ClickPotatoLite Key deleted: HKLM\Software\Conduit Key deleted: HKLM\Software\ShopperReports3 Key deleted: HKCU\Software\ClickPotatoLiteSA Key deleted: HKCU\Software\Conduit Key deleted: HKCU\Software\ShopperReports3 Key deleted: HKCU\Software\AppDataLow\Software\PriceGong Key deleted: HKCU\Software\AppDataLow\Software\Toolbar Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5} Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0 Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790775B476595332A099 Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|ClickPotatoLite@ClickPotatoLite.com Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [4.0.1 (pl)] **** Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=7c4e86d40000000000005cac4c52d3af&tlver=1.4.19.19&affID=17160/) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) Components\Scriptff.dll (McAfee, Inc.) -- C:\Users\SISIEK\AppData\Roaming\Mozilla\FireFox\Profiles\jbv9nt5e.default -- Extensions\ffxtlbr@babylon.com (Babylon) Extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (Softonic-Polska Community Toolbar) Searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml (?) Prefs.js - browser.download.dir, C:\\Users\\SISIEK\\Desktop\\MUZYKA - FILMY Prefs.js - browser.search.defaultenginename, Yahoo Prefs.js - browser.search.selectedEngine, Yahoo Prefs.js - browser.startup.homepage, hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=7c4e86d40000000000005cac4c52d3af&tlver=1.4.19.1... Prefs.js - browser.startup.homepage_override.buildID, 20110413222027 Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1 Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=7c4e86d40000000000005cac4c52d3af&tlver=1.4.19.19&instlRef=ss... ======================================== **** Google Chrome Version [11.0.696.71] **** Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (x) -- C:\Users\SISIEK\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Search the web (Babylon)" (Enabled: true) (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=7c4e86d40000000000005cac4c52d3af&tlver=1.4.19.19&affID=17160) Preferences - homepage: hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=7c4e86d40000000000005cac4c52d3af&tlver=1.4.19.19&affID=17160 Preferences - homepage_is_newtabpage: false ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKCU_URLSearchHooks|{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x) HKCU_Toolbar\WebBrowser|{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110605102537.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 176 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 05/06/2011 19:01:43 (1623 Byte(s)) C:\Ad-Report-CLEAN[2].txt - 05/06/2011 19:17:17 (9208 Byte(s)) End at: 19:20:45, 05/06/2011 ============== E.O.F ==============