======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 13:52:15 on 15/11/2011, Normal boot Microsoft Windows 7 Home Premium Service Pack 1 (X64) PC@PC-KOMPUTER (To Be Filled By O.E.M. To Be Filled By O.E.M.) ============== SEARCH ============== File found: C:\Program Files (x86)\Mozilla FireFox\searchplugins\Complitly.xml Folder found: C:\Users\PC\AppData\Roaming\Mozilla\FireFox\Profiles\893o585q.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Folder found: C:\Program Files (x86)\Complitly -- File opened: C:\Users\PC\AppData\Roaming\Mozilla\FireFox\Profiles\893o585q.default\Prefs.js -- Line found: user_pref("extensions.vshare@toolbar.install-event-fired", true); -- File closed -- Key found: HKLM\Software\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D} Key found: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key found: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key found: HKLM\Software\Conduit Key found: HKCU\Software\Complitly ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [8.0 (pl)] **** HKLM_MozillaPlugins\@mcafee.com/MSC,version=10 (x) HKLM_MozillaPlugins\@mcafee.com/SAFFPlugin (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\Complitly.xml ( hxxp://search.searchcompletion.com/?bs=1&si=10182&q={searchTerms}/) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 HKLM_Extensions|{D19CA586-DD6C-4a0a-96F8-14644F340D60} - C:\Program Files (x86)\Common Files\McAfee\SystemCore HKLM_Extensions|{4ED1F68A-5463-4931-9384-8FFF5ED91D92} - C:\Program Files (x86)\McAfee\SiteAdvisor (x) -- C:\Users\PC\AppData\Roaming\Mozilla\FireFox\Profiles\893o585q.default -- Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} (Complitly - Speed up your search with your personal search suggestions tool) Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} (ColorZilla) Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} (Memory Fox) Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey) Prefs.js - browser.download.lastDir, C:\\Users\\PC\\Desktop Prefs.js - browser.startup.homepage, about:home Prefs.js - browser.startup.homepage_override.buildID, 20111104165243 Prefs.js - browser.startup.homepage_override.mstone, rv:8.0 ======================================== **** Google Chrome Version [15.0.874.106] **** Extension\fheoggkfdfchfphceeifdbepaooicaho (C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx) (x) Extension\nneajnkjbffgblleaoojgaacokifdkhm (C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx) (?) -- C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.pl/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\PC\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll) Plugin - vShare.tv plug-in (Enabled: true) (C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll) (x) Plugin - DivX VOD Helper Plug-in (Enabled: true) (C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll) Plugin - Unity Player (Enabled: true) (C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "DivX Player" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "vShare.tv plug-in" (Enabled: true) Plugin - "DivX VOD Helper Plug-in" (Enabled: true) Plugin - "Unity Player" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://www.google.pl/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://www.google.com HKCU_SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E} - "?" (?) HKCU_SearchScopes\{9161E7FD-9866-4551-B8A9-CCE4F9D17DA0} - "?" (?) HKLM_SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E} - "Web Search" (hxxp://startsear.ch/?q={searchTerms}) HKLM_SearchScopes\{9161E7FD-9866-4551-B8A9-CCE4F9D17DA0} - "Web Search" (hxxp://startsear.ch/?aff=1&q={searchTerms}) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\Common Files\DivX Shared\DesktopService\DDMService.exe (DivX, LLC) HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.) BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5