======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 23:25:01 on 04/08/2011, Normal boot

Microsoft Windows 7 Home Premium   (X86) 
Marcin@USER-KOMPUTER (Gigabyte Technology Co., Ltd. G31M-ES2L) 
 
============== ACTION(S) ==============


Folder deleted: C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\070hqcbw.default\extensions\vshare@toolbar
File deleted: C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\070hqcbw.default\searchplugins\web-search.xml
Folder deleted: C:\Users\Marcin\AppData\LocalLow\Conduit
Folder deleted: C:\Users\Marcin\AppData\LocalLow\PriceGong
Folder deleted: C:\ProgramData\Trymedia

(!) -- Temporary files deleted.


-- File opened: C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\070hqcbw.default\Prefs.js --
Line deleted: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df"); 
Line deleted: user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"linkfilter@kaspersky.r... 
Line deleted: user_pref("extensions.vshare@toolbar.install-event-fired", true); 
Line deleted: user_pref("keyword.URL", "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q="); 
Line deleted: user_pref("vshare.install.date", "1301788800000"); 
Line deleted: user_pref("vshare.install.dumpFileCount", 0); 
Line deleted: user_pref("vshare.install.dumpFileDisabled", false); 
Line deleted: user_pref("vshare.install.finished", "1.0.0"); 
Line deleted: user_pref("vshare.install.guid", "{2ecf6ef1-3126-40ad-b96e-0994afe812be}"); 
Line deleted: user_pref("vshare.install.istoolbarhp", true); 
Line deleted: user_pref("vshare.install.istoolbarsearch", true); 
Line deleted: user_pref("vshare.install.laststatreq", "1304380800000"); 
Line deleted: user_pref("vshare.install.newtab", true); 
Line deleted: user_pref("vshare.install.overlayVersion", 1); 
Line deleted: user_pref("vshare.install.userHPSettings", ""); 
Line deleted: user_pref("vshare.install.userSPSettings", ""); 
-- File closed --
 

Key deleted: HKLM\Software\Classes\Conduit.Engine
Key deleted: HKLM\Software\Classes\Toolbar.CT2786678
Key deleted: HKLM\Software\Conduit
Key deleted: HKLM\Software\PopCap
Key deleted: HKLM\Software\Trymedia Systems
Key deleted: HKCU\Software\AppDataLow\Software\PriceGong
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [5.0.1 (pl)] ****

Plugins\npBitCometAgent.dll (BitComet)
Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
HKLM_MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0 (x)
HKLM_MozillaPlugins\@pages.tvunetworks.com/WebPlayer (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&amp;sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&amp;fraza={searchTerms}&amp;skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&amp;r=T&amp;szukaj={searchTerms})
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension		)

-- C:\Users\Marcin\AppData\Roaming\Mozilla\FireFox\Profiles\aei27itk.default --
Prefs.js - browser.startup.homepage, hxxp://www.google.pl/
Prefs.js - browser.startup.homepage_override.buildID, 20110707182747
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

-- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\070hqcbw.default --
Extensions\DTToolbar@toolbarnet.com (DAEMON Tools Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\User\\Desktop
Prefs.js - browser.search.defaultenginename, Web Search...
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} - "kikin Search" (hxxp://search.kikin.com/search/?q={searchTerms})
HKLM_SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E} - "Web Search" (hxxp://startsear.ch/?q={searchTerms})
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{8F8BAD52-D4D2-4669-9E8E-A7AAE8393056} - C:\Program Files\kikin\KikinBroker.exe (kikin)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - "?" (?)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "@C:\Windows\WindowsMobile\INetRepl.dll,-222" (C:\Windows\WindowsMobile\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
HKLM_Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - "BitComet" (C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll,203)
BHO\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - "BitComet Helper" (C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll)
BHO\{E601996F-E400-41CA-804B-CD6373A7EEE2} - "kikin Plugin" (C:\Program Files\kikin\ie_kikin.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 42 File(s)
C:\Program Files\Ad-Remover\Backup: 16 File(s)

C:\Ad-Report-CLEAN[1].txt - 04/08/2011 23:25:08 (7704 Byte(s)) 
C:\Ad-Report-SCAN[1].txt - 31/07/2011 20:58:19 (17151 Byte(s)) 

End at: 23:25:59, 04/08/2011 
 
============== E.O.F ==============