======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 13:58:21 on 29/12/2011, Normal boot Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Renia@RENIA-PC (Hewlett-Packard HP Pavilion dv6700 Notebook PC) ============== SEARCH ============== File found: C:\Program Files\Uninstall Ask Toolbar.dll File found: C:\Program Files\Uninstall Fun Web Products.dll Folder found: C:\Program Files\AskTBar Folder found: C:\Program Files\DoubleD Folder found: C:\Users\Renia\AppData\Roaming\Internet Saving Optimizer Folder found: C:\Program Files\Internet Saving Optimizer Folder found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge Folder found: C:\Program Files\RelevantKnowledge Folder found: C:\Program Files\System Search Dispatcher Folder found: C:\ProgramData\Viewpoint Folder found: C:\Program Files\Viewpoint File found: C:\Program Files\Windows Live\Messenger\Msimg32.dll Key found: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key found: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key found: HKLM\Software\Classes\CLSID\{27FF1EE8-8CCC-49E1-B801-F212E3744E80} Key found: HKLM\Software\Classes\AppID\{E97BE7A8-7FBA-49FA-A742-BCFB5DAA0ED5} Key found: HKLM\Software\Classes\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key found: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} Key found: HKLM\Software\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key found: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key found: HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1} Key found: HKLM\Software\Classes\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1} Key found: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key found: HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} Key found: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key found: HKLM\Software\Classes\TypeLib\{22C12739-C111-44C6-9BB7-F335C2A9BE2A} Key found: HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F} Key found: HKLM\Software\Classes\TypeLib\{C28A0312-C403-417B-A425-A915BC0519CD} Key found: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Key found: HKLM\Software\Classes\AxGifAnimator.GifAnimator Key found: HKLM\Software\Classes\AxGifAnimator.GifAnimator.1 Key found: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl Key found: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1 Key found: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary Key found: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key found: HKLM\Software\Classes\ExplorerBar.CashBackAssistant Key found: HKLM\Software\Classes\ExplorerBar.CashBackAssistant.1 Key found: HKLM\Software\Classes\ExplorerBar.FunExplorer Key found: HKLM\Software\Classes\ExplorerBar.FunExplorer.1 Key found: HKLM\Software\Classes\ExplorerBar.FunRedirector Key found: HKLM\Software\Classes\ExplorerBar.FunRedirector.1 Key found: HKLM\Software\Classes\AppID\AxGifAnimator.DLL Key found: HKLM\Software\DoubleD Key found: HKLM\Software\Freeze.com Key found: HKLM\Software\MetaStream Key found: HKLM\Software\Viewpoint Key found: HKCU\Software\DataMngr Key found: HKCU\Software\DoubleD Key found: HKCU\Software\Internet Saving Optimizer Key found: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} Key found: HKCU\Software\AppDataLow\Software\DoubleD Key found: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key found: HKCU\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} Key found: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} Key found: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key found: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key found: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Key found: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Key found: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP Value found: HKLM\Software\Mozilla\Firefox\Extensions|{2224e955-00e9-4613-a844-ce69fccaae91} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D0523BB4-21E7-11DD-9AB7-415B56D89593} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{5617ECA9-488D-4BA2-8562-9710B9AB78D2} ============== ADDITIONNAL SCAN ============== **** Google Chrome Version [16.0.912.63] **** -- C:\Users\Renia\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Search Results" (Enabled: true) (hxxp://dts.search-results.com/sr?src=crb&appid=173&systemid=406&sr=0&q={searchTerms}) Preferences - homepage: hxxp://www.google.pl/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\Renia\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll) Plugin - WildTangent Games App Presence Detector (Enabled: true) (C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "MetaStream 3 Plugin" (Enabled: true) Plugin - "WildTangent Games App Presence Detector" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop HKCU_SearchScopes\{104390CA-E40C-43BF-A771-26DE9E4121CC} - "Ask.com" (hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=173&systemid=406&sr=0&q={searchTe...) HKLM_SearchScopes\{104390CA-E40C-43BF-A771-26DE9E4121CC} - "Ask.com" (hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd) HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm479YYCA&fl=0&ptb=CN73fvBAz...) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=173&systemid=406&sr=0&q={searchTe...) HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8087-36EE87E26986} (x) HKCU_Toolbar\WebBrowser|{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (x) HKCU_Toolbar\WebBrowser|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x) HKCU_Toolbar\WebBrowser|{D0523BB4-21E7-11DD-9AB7-415B56D89593} (x) HKLM_Toolbar|{327C2873-E90D-4c37-AA9D-10AC9BABA46C} (C:\Program Files\Canon\Easy-WebPrint\Toolband.dll) HKLM_Toolbar|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) HKCU_ElevationPolicy\{0CA47F85-7EEE-4538-96FC-ACDE950F6835} - C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe (x) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.) HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.) HKCU_ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} - C:\Users\Renia\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe (x) HKCU_ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} - C:\Users\Renia\AppData\Local\Google\Update\GoogleUpdate.exe (x) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\Renia\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) HKCU_ElevationPolicy\{F3F2B589-71B0-4618-9317-BF42E556E561} - C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} - C:\Program Files\MyWebSearch\bar\1.bin\m3impipe.exe (x) HKLM_ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} - C:\Windows\system32\f3PSSavr.scr (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} - C:\Program Files\MyWebSearch\bar\1.bin\m3SkPlay.exe (x) HKLM_ElevationPolicy\{BE78000E-90A5-4F6C-BB35-526D77AE1FD8} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (x) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\ssvagent.exe (Oracle Corporation) HKLM_ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} - C:\Program Files\MyWebSearch\bar\1.bin\m3medint.exe (x) HKLM_ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} - C:\Program Files\MyWebSearch\bar\1.bin\m3SlSrch.exe (x) HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) HKLM_ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} - C:\Program Files\MyWebSearch\bar\1.bin\m3SrchMn.exe (x) HKLM_Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - "PokerStars" (C:\Program Files\PokerStars\main.ico) BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files\Internet Download Manager\IDMIECC.dll) BHO\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD} - "CashBackAssistant" (C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll) BHO\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - "NP Helper Class" (C:\Program Files\Internet Saving Optimizer\2.0.0.2440\NPIEAddOn.dll) BHO\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - "EWPBrowseObject Class" (C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll) BHO\{A1056498-D09A-41E4-864B-505EDD640D9E} - "SBCONVERT Class" (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) BHO\{FF7C3CF0-4B15-11D1-ABED-709549C10000} - "GrabberObj Class" (C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 0 File(s) C:\Ad-Report-SCAN[1].txt - 29/12/2011 13:58:43 (14806 Byte(s)) End at: 13:59:29, 29/12/2011 ============== E.O.F ==============