======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 02:20:55 on 11/12/2003, Normal boot Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Pawe莆BEDNARCZ-3C6FC9 ( ) ============== SEARCH ============== Folder found: C:\Documents and Settings\Pawe許Dane aplikacji\Mozilla\FireFox\Profiles\xggheyaa.default\conduit Folder found: C:\Documents and Settings\Pawe許Ustawienia lokalne\Dane aplikacji\Conduit Folder found: C:\Program Files\Conduit Folder found: C:\Program Files\FunWebProducts Folder found: C:\Documents and Settings\Pawe許Dane aplikacji\GabPath Folder found: C:\Program Files\MyWebSearch Folder found: C:\Documents and Settings\Pawe許Dane aplikacji\Toolbar4 -- File opened: C:\Documents and Settings\Pawe許Dane aplikacji\Mozilla\FireFox\Profiles\xggheyaa.default\Prefs.js -- Line found: user_pref("CT2720081.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line found: user_pref("CT2720081.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272... Line found: user_pref("CT2776682.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT277... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=1168776&fid=1164461", "\"0\... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168776/1164461/PL", "\"0\"... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63426852822937... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2776682&octid=... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2776682/CT2776682... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/equalizer_dea... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/maxi.gif", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/minimize.gif"... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/pause.gif", "... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/pause_mini.gi... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/play.gif", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/stop.gif", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Mint/vol.gif", "\"... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634... Line found: user_pref("CommunityToolbar.EngineOwner", "CT2776682"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "{51a86bb3-6602-4c85-92a5-130ee4864f13}"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "brothersoft_extreme"); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2776682"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{51a86bb3-6602-4c85-92a5-130ee4864f13}"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "brothersoft_extreme"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Line found: user_pref("CommunityToolbar.ToolbarsList", "CT2720081,CT2776682"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2720081,CT2776682"); Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Dec 11 2010 22:45:52 GMT+0100"); Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Dec 11 2010 22:45:52 GMT+0100"); Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "b77b1ea9-d430-4263-8066-d8736a27b5ef"); Line found: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Dec 11 2010 22:45:54 GMT+0100"); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2776682"); Line found: user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Tue Sep 07 2010 19:21:37 GMT+0200... Line found: user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Tue Sep 07 2010 19:21:37 GMT+0200"... Line found: user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Tue Sep 07 2010 19:21:37 GMT+0200")... Line found: user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Tue Sep 07 2010 19:21:37 GMT+0200")... Line found: user_pref("extensions.enabledItems", "m3ffxtbr@mywebsearch.com:1.2,{CAFEEFAC-0016-0000-0021-ABCDEFFE... Line found: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"jqs@sun.com\":{... Line found: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea... Line found: user_pref("extensions.mywebsearch.prevKwdEnabled", true); -- File closed -- Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2247187 Key found: HKLM\Software\Classes\Toolbar.CT2720081 Key found: HKLM\Software\Classes\Toolbar.CT2776682 Key found: HKLM\Software\Conduit Key found: HKLM\Software\FocusInteractive Key found: HKLM\Software\Fun Web Products Key found: HKLM\Software\MyWebSearch Key found: HKCU\Software\Conduit Key found: HKCU\Software\MyWebSearch Key found: HKCU\Software\Toolbar Key found: HKCU\Software\Zugo Key found: HKLM\Software\VDownloader\OpenCandy Key found: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin Key found: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\My Web Search Bar Key found: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Key found: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== -- C:\Documents and Settings\Pawe許Dane aplikacji\Mozilla\FireFox\Profiles\xggheyaa.default -- Searchplugins\yahoo-zugo.xml (?) Prefs.js - browser.download.dir, C:\\Documents and Settings\\Pawe許\Pulpit Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Pawe許\Pulpit Prefs.js - browser.search.defaultenginename, Prefs.js - browser.search.defaulturl, Prefs.js - browser.startup.homepage, www.google.pl Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 Prefs.js - keyword.URL, Prefs.js - privacy.popups.showBrowserMessage, false ======================================== **** Internet Explorer Version [6.0.2900.5512] **** HKCU_Main|Start Page Restore - hxxp://www.google.com/ HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_URLSearchHooks|{707db484-2428-402d-afb5-d85b387544c7} - "Mario Forever Toolbar" (C:\Program Files\Mario_Forever\tbMar1.dll) HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://tbsearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms...) HKCU_SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - "Search The Web" (hxxp://www.mystart.com/search_w.php?fr=chr-vmn&type=facesmo2_0msch&q={searchTerm...) HKCU_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRxpt117YYPL&ptb=GgQBa...) HKCU_SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - "BigSeekPro" (hxxp://www.bigseekpro.com/search/browser/hypercam/{474A0CFD-48C5-4E10-AC25-80B1A...) HKCU_SearchScopes\{A9E2B556-CB6D-44AA-838B-04F17CA46CE4} - "Search" (hxxp://www.tangosearch.com/?q={searchTerms}&a=SEARCH) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "BrotherSoft Extreme Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRxpt117YYPL&ptb=GgQBa...) HKLM_SearchScopes\{A9E2B556-CB6D-44AA-838B-04F17CA46CE4} - "Search" (hxxp://www.tangosearch.com/?q={searchTerms}&a=SEARCH) HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x) HKCU_Toolbar\WebBrowser|{707DB484-2428-402D-AFB5-D85B387544C7} (C:\Program Files\Mario_Forever\tbMar1.dll) HKLM_Toolbar|{707db484-2428-402d-afb5-d85b387544c7} (C:\Program Files\Mario_Forever\tbMar1.dll) HKLM_Toolbar|{85F685C3-20D9-4943-95E4-EB4224056C3F} (D:\Programy\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll) HKLM_Toolbar|{3c490bf5-4244-4310-b4a7-3361f288dac5} (x) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - D:\Programy\Internet Download Manager\IEMonitor.exe (x) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - D:\Programy\Internet Download Manager\IDMan.exe (x) HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?) HKLM_Extensions\{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - "Add to VideoGet" (D:\Programy\VideoGet\VideoGet.ico) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{3c490bf5-4244-4310-b4a7-3361f288dac5} (?) BHO\{41069220-f72a-40ea-a8f3-bcd5e1fbc8f0} (?) BHO\{707db484-2428-402d-afb5-d85b387544c7} - "Mario Forever Toolbar" (C:\Program Files\Mario_Forever\tbMar1.dll) BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre6\bin\ssv.dll) BHO\{85F685C3-20D9-4943-95E4-EB4224056C3F} - "Expressivo" (D:\Programy\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 11/12/2003 02:21:07 (8225 Byte(s)) End at: 02:22:50, 11/12/2003 ============== E.O.F ==============