======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 14:39:39 on 29/12/2011, Normal boot Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Renia@RENIA-PC (Hewlett-Packard HP Pavilion dv6700 Notebook PC) ============== ACTION(S) ============== File deleted: C:\Program Files\Uninstall Ask Toolbar.dll File deleted: C:\Program Files\Uninstall Fun Web Products.dll Folder deleted: C:\Program Files\AskTBar Folder deleted: C:\Program Files\DoubleD Folder deleted: C:\Users\Renia\AppData\Roaming\Internet Saving Optimizer Folder deleted: C:\Program Files\Internet Saving Optimizer Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge Folder deleted: C:\Program Files\RelevantKnowledge Folder deleted: C:\Program Files\System Search Dispatcher Folder deleted: C:\ProgramData\Viewpoint Folder deleted: C:\Program Files\Viewpoint File deleted: C:\Program Files\Windows Live\Messenger\Msimg32.dll (!) -- Temporary files deleted. Key deleted: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key deleted: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key deleted: HKLM\Software\Classes\CLSID\{27FF1EE8-8CCC-49E1-B801-F212E3744E80} Key deleted: HKLM\Software\Classes\AppID\{E97BE7A8-7FBA-49FA-A742-BCFB5DAA0ED5} Key deleted: HKLM\Software\Classes\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} Key deleted: HKLM\Software\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D} Key deleted: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key deleted: HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1} Key deleted: HKLM\Software\Classes\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1} Key deleted: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key deleted: HKLM\Software\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} Key deleted: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key deleted: HKLM\Software\Classes\TypeLib\{22C12739-C111-44C6-9BB7-F335C2A9BE2A} Key deleted: HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F} Key deleted: HKLM\Software\Classes\TypeLib\{C28A0312-C403-417B-A425-A915BC0519CD} Key deleted: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Key deleted: HKLM\Software\Classes\AxGifAnimator.GifAnimator Key deleted: HKLM\Software\Classes\AxGifAnimator.GifAnimator.1 Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1 Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary Key deleted: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key deleted: HKLM\Software\Classes\ExplorerBar.CashBackAssistant Key deleted: HKLM\Software\Classes\ExplorerBar.CashBackAssistant.1 Key deleted: HKLM\Software\Classes\ExplorerBar.FunExplorer Key deleted: HKLM\Software\Classes\ExplorerBar.FunExplorer.1 Key deleted: HKLM\Software\Classes\ExplorerBar.FunRedirector Key deleted: HKLM\Software\Classes\ExplorerBar.FunRedirector.1 Key deleted: HKLM\Software\Classes\AppID\AxGifAnimator.DLL Key deleted: HKLM\Software\DoubleD Key deleted: HKLM\Software\Freeze.com Key deleted: HKLM\Software\MetaStream Key deleted: HKLM\Software\Viewpoint Key deleted: HKCU\Software\DataMngr Key deleted: HKCU\Software\DoubleD Key deleted: HKCU\Software\Internet Saving Optimizer Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} Key deleted: HKCU\Software\AppDataLow\Software\DoubleD Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key deleted: HKCU\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} Key deleted: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} Key deleted: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key deleted: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Key deleted: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Key deleted: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|{2224e955-00e9-4613-a844-ce69fccaae91} Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D0523BB4-21E7-11DD-9AB7-415B56D89593} Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{5617ECA9-488D-4BA2-8562-9710B9AB78D2} ============== ADDITIONNAL SCAN ============== **** Google Chrome Version [16.0.912.63] **** -- C:\Users\Renia\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Search Results" (Enabled: true) (hxxp://dts.search-results.com/sr?src=crb&appid=173&systemid=406&sr=0&q={searchTerms}) Preferences - homepage: hxxp://www.google.pl/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x) Plugin - Native Client (Enabled: true) (C:\Users\Renia\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll) Plugin - WildTangent Games App Presence Detector (Enabled: true) (C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Remoting Viewer" (Enabled: true) Plugin - "Native Client" (Enabled: true) Plugin - "MetaStream 3 Plugin" (Enabled: true) Plugin - "WildTangent Games App Presence Detector" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_SearchScopes\{104390CA-E40C-43BF-A771-26DE9E4121CC} - "Ask.com" (hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=173&systemid=406&sr=0&q={searchTe...) HKLM_SearchScopes\{104390CA-E40C-43BF-A771-26DE9E4121CC} - "Ask.com" (hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=173&systemid=406&sr=0&q={searchTe...) HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8087-36EE87E26986} (x) HKCU_Toolbar\WebBrowser|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) HKLM_Toolbar|{327C2873-E90D-4c37-AA9D-10AC9BABA46C} (C:\Program Files\Canon\Easy-WebPrint\Toolband.dll) HKLM_Toolbar|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) HKCU_ElevationPolicy\{0CA47F85-7EEE-4538-96FC-ACDE950F6835} - C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe (x) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.) HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.) HKCU_ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} - C:\Users\Renia\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe (x) HKCU_ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} - C:\Users\Renia\AppData\Local\Google\Update\GoogleUpdate.exe (x) HKCU_ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\Renia\AppData\Local\Google\Chrome\Application\14.0.835.202\chrome_launcher.exe (x) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) HKCU_ElevationPolicy\{F3F2B589-71B0-4618-9317-BF42E556E561} - C:\Program Files\Winamp\winamp.exe (Nullsoft, Inc.) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{BE78000E-90A5-4F6C-BB35-526D77AE1FD8} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (x) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\ssvagent.exe (Oracle Corporation) HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files\Internet Download Manager\IDMIECC.dll) BHO\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD} - "CashBackAssistant" (C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll) BHO\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - "EWPBrowseObject Class" (C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll) BHO\{A1056498-D09A-41E4-864B-505EDD640D9E} - "SBCONVERT Class" (C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll) BHO\{FF7C3CF0-4B15-11D1-ABED-709549C10000} - "GrabberObj Class" (C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 64 File(s) C:\Program Files\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 29/12/2011 14:39:57 (13869 Byte(s)) C:\Ad-Report-SCAN[1].txt - 29/12/2011 13:58:43 (14945 Byte(s)) End at: 14:40:58, 29/12/2011 ============== E.O.F ==============