======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 19:33:11 on 10/08/2011, Normal boot Microsoft Windows 7 Home Premium Service Pack 1 (X64) Justynka & Adaś@JUSTYNKA-ADAŚ (System manufacturer P5K Premium) ============== SEARCH ============== Folder found: C:\Users\Justynka & Adaś\AppData\Roaming\Mozilla\FireFox\Profiles\klvtiubn.default\conduit Folder found: C:\Users\Justynka & Adaś\AppData\Roaming\Mozilla\FireFox\Profiles\klvtiubn.default\ConduitEngine Folder found: C:\Users\Justynka & Adaś\AppData\Local\Conduit Folder found: C:\Users\Justynka & Adaś\AppData\LocalLow\Conduit -- File opened: C:\Users\Justynka & Adaś\AppData\Roaming\Mozilla\FireFox\Profiles\klvtiubn.default\Prefs.js -- Line found: user_pref("CT2801948.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT280... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/PL", "\"0\"... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2801948", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.5... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2801948/CT2801948... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2801948/CT2801948... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Line found: user_pref("CommunityToolbar.EngineHiddenByUser", false); Line found: user_pref("CommunityToolbar.EngineOwner", "CT2801948"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "{37483b40-c254-4a72-bda4-22ee90182c1e}"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "nch_en"); Line found: user_pref("CommunityToolbar.IsEngineShown", false); Line found: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2801948"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{37483b40-c254-4a72-bda4-22ee90182c1e}"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "nch_en"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://start.facemoods.com/results.php?f... Line found: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2801948"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2801948"); Line found: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Jun 01 2011 23:51:56 GMT+02... Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 20:36:32 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 09:02:56 GMT+0200"); Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "3b2fae1c-a19e-497e-8ab1-f8f55dfcfece"); Line found: user_pref("CommunityToolbar.globalUserId", "6c3b532c-00f9-40a9-86f9-df77a352e2d7"); Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948"); Line found: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Jun 20 2011 21:41:59 GMT+0200"); Line found: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Jun 01 2011 23:51:55 GMT+0200"); Line found: user_pref("ConduitEngine.FirstServerDate", "06/02/2011 00"); Line found: user_pref("ConduitEngine.FirstTime", true); Line found: user_pref("ConduitEngine.FirstTimeFF3", true); Line found: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line found: user_pref("ConduitEngine.HideEngineAfterRestart", true); Line found: user_pref("ConduitEngine.Initialize", true); Line found: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line found: user_pref("ConduitEngine.InstalledDate", "Wed Jun 01 2011 23:51:56 GMT+0200"); Line found: user_pref("ConduitEngine.IsMulticommunity", false); Line found: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line found: user_pref("ConduitEngine.IsOpenUninstallPage", true); Line found: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Jun 01 2011 23:51:55 GMT+0200"); Line found: user_pref("ConduitEngine.LastLogin_3.3.5.1", "Wed Jun 01 2011 23:51:55 GMT+0200"); Line found: user_pref("ConduitEngine.PublisherContainerWidth", 0); Line found: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line found: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Jun 01 2011 23:51:55 GMT+0200"); Line found: user_pref("ConduitEngine.UserID", "UN14428790645220535"); Line found: user_pref("ConduitEngine.engineLocale", "pl"); Line found: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Jun 01 2011 23:51:55 GMT+0200"); Line found: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Jun 01 2011 23:51:56 GMT+0200"); Line found: user_pref("ConduitEngine.initDone", true); Line found: user_pref("ConduitEngine.isAppTrackingManagerOn", true); -- File closed -- Key found: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2801948 Key found: HKLM\Software\Conduit Key found: HKCU\Software\Conduit Key found: HKCU\Software\AppDataLow\Software\Toolbar Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [5.0.1 (pl)] **** Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\Justynka & Adaś\AppData\Roaming\Mozilla\FireFox\Profiles\klvtiubn.default -- Searchplugins\wowhead.xml (?) Searchplugins\youtube.xml (?) Prefs.js - browser.download.lastDir, C:\\Users\\Justynka & Adaś\\Desktop Prefs.js - browser.search.defaulturl, Prefs.js - browser.startup.homepage, hxxp://www.google.pl/ Prefs.js - browser.startup.homepage_override.buildID, 20110707182747 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://www.interia.pl/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} (x) HKCU_SearchScopes\{07262E2E-6D8C-4540-B6DA-170426104F39} - "Allegro" (hxxp://www.allegro.pl/search.php?sg=0&string={searchTerms}) HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Search" (hxxp://start.facemoods.com/?a=w7th&s={searchTerms}&f=4) HKCU_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik logowania za pomocą identyfikatora Windows Live" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 10/08/2011 19:33:40 (11809 Byte(s)) End at: 19:34:33, 10/08/2011 ============== E.O.F ==============