======= REPORT FROM AD-REMOVER 2.0.0.2,E | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 21/02/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [5]) -> Launched at 10:06:18 on 06/04/2011, Normal boot Microsoft Windows 7 Ultimate Service Pack 1 (X86) tom@TOM-PC (Acer Aspire one) ============== SEARCH ============== Folder found: C:\Users\tom\AppData\Local\AskToolbar Folder found: C:\Users\tom\AppData\Local\Conduit Folder found: C:\Users\tom\AppData\LocalLow\Conduit Folder found: C:\Users\tom\AppData\LocalLow\PriceGong Folder found: C:\Users\tom\AppData\LocalLow\vShare Folder found: C:\Program Files\vShare Key found: HKLM\Software\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKLM\Software\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Key found: HKLM\Software\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} Key found: HKLM\Software\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D} Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key found: HKLM\Software\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24} Key found: HKLM\Software\Classes\Toolbar.CT2405280 Key found: HKLM\Software\Classes\vShare.IMedixProtocol Key found: HKLM\Software\Classes\vShare.IMedixProtocol.1 Key found: HKLM\Software\Classes\vShare.PugiObj Key found: HKLM\Software\Classes\vShare.PugiObj.1 Key found: HKLM\Software\Classes\vShare.ScriptHelpers Key found: HKLM\Software\Classes\vShare.ScriptHelpers.1 Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key found: HKLM\Software\Conduit Key found: HKCU\Software\vShare Key found: HKCU\Software\Ask.com Key found: HKCU\Software\AskToolbar Key found: HKCU\Software\Zugo Key found: HKCU\Software\AppDataLow\AskToolbarInfo Key found: HKCU\Software\AppDataLow\Software\AskToolbar Key found: HKCU\Software\AppDataLow\Software\PriceGong Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vShare Key found: HKLM\Software\Classes\PROTOCOLS\Handler\vsharechrome Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{043C5167-00BB-4324-AF7E-62013FAEDACF} ============== ADDITIONNAL SCAN ============== **** Google Chrome Version [10.0.648.204] **** Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?) Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?) -- C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://home.sweetim.com/?crg=2.1002&barid={6141AD63-CB47-4648-97BF-F7553B59E0D4} Preferences - homepage_is_newtabpage: true Plugin - Skype Toolbars (Enabled: true) (C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6778_0\npSkypeChromePlugin.dll) Plugin - RealJukebox NS Plugin (Enabled: true) (C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll) Plugin - TVU Web Player for FireFox (Enabled: true) (C:\Program Files\TVUPlayer\npTVUAx.dll) Plugin - Veetle TV Player (Enabled: true) (C:\Program Files\Veetle\Player\npvlc.dll) Plugin - Veetle TV Core (Enabled: true) (C:\Program Files\Veetle\plugins\npVeetle.dll) Plugin - Windows Live\u0099 Photo Gallery (Enabled: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll) Plugin - "Shockwave Flash" (Enabled: true) Plugin - "Skype Toolbars" (Enabled: true) Plugin - "RealJukebox NS Plugin" (Enabled: true) Plugin - "TVU Web Player for FireFox" (Enabled: true) Plugin - "Veetle TV Player" (Enabled: true) Plugin - "Veetle TV Core" (Enabled: true) Plugin - "Windows Live\u0099 Photo Gallery" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://home.sweetim.com/?crg=2.1002 HKCU_URLSearchHooks|{ad708c09-d51b-45b3-9d28-4eba2681febf} (x) HKCU_SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "Web Search..." (hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp) HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTer...) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Download Energy Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/?src=6&crg=2.1002&q={searchTerms}) HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Download Energy Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/?src=6&crg=2.1002&q={searchTerms}) HKCU_Toolbar\WebBrowser|{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} (x) HKLM_Toolbar|{043C5167-00BB-4324-AF7E-62013FAEDACF} (C:\Program Files\vShare\vshare_toolbar.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\lip.exe (?) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files\Windows Live\Companion\companionres.dll,200) HKLM_Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - "Skype Plug-In" (C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico) BHO\{043C5167-00BB-4324-AF7E-62013FAEDACF} - "vShare Toolbar" (C:\Program Files\vShare\vshare_toolbar.dll) BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files\Windows Live\Companion\companioncore.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 2 File(s) C:\Ad-Report-SCAN[5].txt - 06/04/2011 10:06:26 (8617 Byte(s)) End at: 10:08:42, 06/04/2011 ============== E.O.F ==============