======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 00:09:11 on 05/11/2011, Normal boot Microsoft Windows 7 Ultimate Service Pack 1 (X64) Arctus@ARCTUS-KOMPUTER (Gigabyte Technology Co., Ltd. 965P-DS4) ============== SEARCH ============== File found: C:\Windows\SysWOW64\w32apiw.dll Folder found: C:\Users\Arctus\AppData\Roaming\Mozilla\FireFox\Profiles\ik37yhe7.default\conduit Folder found: C:\Users\Arctus\AppData\Roaming\Mozilla\FireFox\Profiles\ik37yhe7.default\ConduitEngine Folder found: C:\Users\Arctus\AppData\Local\Conduit Folder found: C:\Program Files (x86)\Conduit -- File opened: C:\Users\Arctus\AppData\Roaming\Mozilla\FireFox\Profiles\ik37yhe7.default\Prefs.js -- Line found: user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line found: user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243... Line found: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Line found: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250... Line found: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2438727"); Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2438727&octid=... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634... Line found: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine"); Line found: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com"); Line found: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine"); Line found: user_pref("CommunityToolbar.IsEngineShown", true); Line found: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line found: user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com"); Line found: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Line found: user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2504091,ConduitEngine"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2504091"); Line found: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed May 18 2011 10:18:50 GMT+02... Line found: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line found: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Sep 03 2011 16:56:39 GMT+0200 (Srodk... Line found: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.alert.locale", "en"); Line found: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Sep 03 2011 16:56:31 GMT+0200 (Srodkowoe... Line found: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Line found: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line found: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.alert.userId", "{b37dc6ae-0445-4b49-9a0f-9a98c8ec84a5}"); Line found: user_pref("CommunityToolbar.globalUserId", "86404ac3-6e27-41a6-885d-6d8a4614124a"); Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line found: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Aug 29 2011 13:13:59 GMT+0200 (Srodkowoeuro... Line found: user_pref("ConduitEngine.CTID", "ConduitEngine"); Line found: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Sep 03 2011 16:56:35 GMT+0200 (Srodkowoeu... Line found: user_pref("ConduitEngine.FirstServerDate", "05/18/2011 11"); Line found: user_pref("ConduitEngine.FirstTime", true); Line found: user_pref("ConduitEngine.FirstTimeFF3", true); Line found: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line found: user_pref("ConduitEngine.Initialize", true); Line found: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line found: user_pref("ConduitEngine.InstalledDate", "Wed May 18 2011 10:18:51 GMT+0200 (Srodkowoeuropejski czas... Line found: user_pref("ConduitEngine.IsMulticommunity", false); Line found: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line found: user_pref("ConduitEngine.IsOpenUninstallPage", true); Line found: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Sep 03 2011 16:56:32 GMT+0200 (Srodkowoeur... Line found: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue May 24 2011 23:11:58 GMT+0200 (Srodkowoeuropejski ... Line found: user_pref("ConduitEngine.LastLogin_3.3.5.1", "Sat Sep 03 2011 16:56:32 GMT+0200 (Srodkowoeuropejski ... Line found: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line found: user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Sep 03 2011 16:56:32 GMT+0200 (Srodkowoeuropej... Line found: user_pref("ConduitEngine.UserID", "UN29165122103647734"); Line found: user_pref("ConduitEngine.componentAlertEnabled", false); Line found: user_pref("ConduitEngine.engineLocale", "en-GB"); Line found: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Sep 03 2011 16:56:32 GMT+0200 (Srodk... Line found: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Sep 03 2011 16:56:32 GMT+0200 (Srod... Line found: user_pref("ConduitEngine.initDone", true); Line found: user_pref("ConduitEngine.isAppTrackingManagerOn", true); Line found: user_pref("ConduitEngine.usagesFlag", 2); Line found: user_pref("vshare.install.date", "1288224000000"); Line found: user_pref("vshare.install.finished", "1.0.0"); Line found: user_pref("vshare.install.guid", "{645b59db-db21-436b-8393-cfa72e40445d}"); Line found: user_pref("vshare.install.isHidden", true); Line found: user_pref("vshare.install.laststatreq", "1315008000000"); Line found: user_pref("vshare.install.newtab", false); -- File closed -- Key found: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2504091 Key found: HKLM\Software\Conduit Key found: HKCU\Software\Conduit Key found: HKCU\Software\AppDataLow\Software\Toolbar ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [3.6.21 (en-GB)] **** Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\@Musicnotes.com/Musicnotes Viewer (x) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x) HKLM_MozillaPlugins\@Sibelius.com/Scorch Plugin (x) HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x) Searchplugins\amazon-en-GB.xml (hxxp://www.amazon.co.uk/exec/obidos/external-search/) Searchplugins\answers.xml (hxxp://www.answers.com/main/ntquery) Searchplugins\chambers-en-GB.xml (hxxp://www.chambersharrap.co.uk/chambers/chref/chref.py/main) Searchplugins\creativecommons.xml (hxxp://search.creativecommons.org/) Searchplugins\eBay-en-GB.xml (hxxp://rover.ebay.com/rover/1/710-47297-17704-2/4) Searchplugins\wikipedia.xml (hxxp://en.wikipedia.org/wiki/Special:Search) Searchplugins\yahoo-en-GB.xml (hxxp://uk.search.yahoo.com/search) HKLM_Extensions|{BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ HKLM_Extensions|{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3 -- C:\Users\Arctus\AppData\Roaming\Mozilla\FireFox\Profiles\ik37yhe7.default -- Prefs.js - browser.download.lastDir, C:\\Users\\Arctus\\Downloads Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.20 ======================================== **** Google Chrome Version [15.0.874.106] **** -- C:\Users\Arctus\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\Arctus\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll) Plugin - NVIDIA 3D Vision (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll) Plugin - NVIDIA 3D VISION (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll) Plugin - Pando Web Plugin (Enabled: true) (C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll) Plugin - Media Go Detector (Enabled: true) (C:\Program Files (x86)\Sony\Media Go\npmediago.dll) Plugin - Veetle TV Player (Enabled: true) (C:\Program Files (x86)\Veetle\Player\npvlc.dll) Plugin - Veetle TV Core (Enabled: true) (C:\Program Files (x86)\Veetle\plugins\npVeetle.dll) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "Winamp Application Detector" (Enabled: true) Plugin - "Picasa" (Enabled: true) Plugin - "Musicnotes" (Enabled: true) Plugin - "ScorchPlugin" (Enabled: true) Plugin - "NVIDIA 3D Vision" (Enabled: true) Plugin - "NVIDIA 3D VISION" (Enabled: true) Plugin - "Pando Web Plugin" (Enabled: true) Plugin - "Media Go Detector" (Enabled: true) Plugin - "Veetle TV Player" (Enabled: true) Plugin - "Veetle TV Core" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF7F} - C:\Program Files (x86)\Musicnotes\Player\musnotes.exe (Musicnotes, Inc.) HKLM_ElevationPolicy\{1239CC52-59EF-4DFA-8C61-90FFA846DF80}} - C:\Program Files (x86)\Musicnotes\GuitarGuru\mnguitar.exe (Musicnotes, Inc.) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik logowania za pomocą identyfikatora Windows Live" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 05/11/2011 00:09:32 (14753 Byte(s)) End at: 00:10:44, 05/11/2011 ============== E.O.F ==============