======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:38:42 on 17/06/2011, Normal boot

Microsoft® Windows Vista™ Home Basic (X86)
Marcin@SNOTF (FUJITSU SIEMENS AMILO Pi 1505)

============== SEARCH ==============

Folder found: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato
Folder found: C:\ProgramData\ClickPotatoLiteSA
Folder found: C:\Users\Marcin\AppData\Local\OpenCandy

Key found: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}
Key found: HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}
Key found: HKLM\Software\Classes\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29}
Key found: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key found: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key found: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
Key found: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Key found: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Key found: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Key found: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Key found: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}
Key found: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key found: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Key found: HKLM\Software\Classes\ClickPotatoLiteAX.info
Key found: HKLM\Software\Classes\ClickPotatoLiteAX.info.1
Key found: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles
Key found: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1
Key found: HKLM\Software\Classes\MenuButtonIE.ButtonIE
Key found: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1
Key found: HKLM\Software\Classes\AppID\MenuButtonIE.DLL
Key found: HKLM\Software\ClickPotatoLite
Key found: HKLM\Software\Conduit
Key found: HKCU\Software\AutocompleteProBHO
Key found: HKCU\Software\ClickPotatoLiteSA
Key found: HKCU\Software\Conduit
Key found: HKCU\Software\Grand Virtual
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [3.6.17 (pl)] ****

FIREFOX.EXE\Shell\Open\Command - "C:\Users\Marcin\AppData\Local\ghh.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"
HKLM_MozillaPlugins\@radialpoint.com/SPA,version=1 (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms})

-- C:\Users\Marcin\AppData\Roaming\Mozilla\FireFox\Profiles\u4cyky9y.default --
Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} (TV.wrzuc.to)
Prefs.js - browser.download.dir, C:\\Users\\Marcin\\Downloads
Prefs.js - browser.download.lastDir, C:\\Users\\Marcin\\Desktop
Prefs.js - browser.search.defaultenginename,
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.pajacyk.pl/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17

========================================

**** Internet Explorer Version [7.0.6000.17037] ****

IEXPLORE.EXE\Shell\Open\Command - C:\Users\Marcin\AppData\Local\ghh.exe -a C:\Program Files\Internet Explorer\iexplore.exe
HKCU_Main|Search bar - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60468
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://onet.pl/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - "Szukanie Crawler" (hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60468)
HKCU_SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4} - "PDFCreator Toolbar" (hxxp://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=searc...)
HKCU_ElevationPolicy\{47C53625-D229-4C8F-82E2-1ED363AE0D78} - C:\Program Files\BitComet\BitComet.exe (x)
HKCU_ElevationPolicy\{48DE111E-A07F-4393-8FED-2B1E8C6EF6F6} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKCU_ElevationPolicy\{60767602-F8EF-456B-A695-9D6548166565} - C:\Program Files\NOL3\Notowania OnLine 3.0 DM BOS S.A\NOL3.exe (x)
HKCU_ElevationPolicy\{8C93AA65-25EC-4377-B278-250F68A2DE8E} - C:\Windows\System32\Macromed\Flash\FlashUtil9d.exe (x)
HKCU_ElevationPolicy\{BBDA703C-0E74-45C7-86F9-1A56F716C42C} - C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan)
HKLM_ElevationPolicy\{4181C878-6A35-406d-8D1B-030C80F8DDAE} - C:\Program Files\Virgin Broadband\advisor\BroadbandadvisorComHandler.exe (Radialpoint Inc.)
HKLM_ElevationPolicy\{6354B1ED-3B82-405a-87F7-B278EF054B96} - C:\Program Files\Photodex Presenter\pxplay.exe (Photodex Corporation)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 17/06/2011 16:39:50 (6637 Byte(s))

End at: 16:41:03, 17/06/2011

============== E.O.F ==============