======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:38:28 on 27/05/2011, Normal boot Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Mateusz@MATEUSZ-PC (ASUSTeK Computer Inc. N50Vn) ============== SEARCH ============== Service: "ASKUpgrade" Service found File found: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js File found: C:\Program Files\Mozilla FireFox\Components\AskSearch.js File found: C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\kjhmprzt.default\searchplugins\ask.xml Folder found: C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\kjhmprzt.default\conduit File found: C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\kjhmprzt.default\searchplugins\conduit.xml Folder found: C:\Program Files\AskBarDis Folder found: C:\Users\Mateusz\AppData\Local\Conduit Folder found: C:\Users\Mateusz\AppData\LocalLow\Conduit Folder found: C:\Program Files\Conduit Folder found: C:\Users\Mateusz\AppData\LocalLow\ConduitEngine Folder found: C:\Program Files\ConduitEngine Folder found: C:\Users\Mateusz\AppData\Roaming\DesktopIcon Folder found: C:\Users\Mateusz\AppData\LocalLow\Toolbar4 Key found: HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} Key found: HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} Key found: HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} Key found: HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} Key found: HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} Key found: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key found: HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} Key found: HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} Key found: HKLM\Software\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} Key found: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} Key found: HKLM\Software\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} Key found: HKLM\Software\Classes\CLSID\{E935A529-795F-4994-B5B9-CFF9363E1290} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E935A529-795F-4994-B5B9-CFF9363E1290} Key found: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} Key found: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} Key found: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} Key found: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B} Key found: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} Key found: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} Key found: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} Key found: HKLM\Software\Classes\TypeLib\{DC3020B4-815F-427B-A5DA-82DC6634EBAD} Key found: HKLM\Software\Classes\TypeLib\{F0CF944C-F160-4F65-8F0A-2773322FF357} Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2504091 Key found: HKLM\Software\Conduit Key found: HKLM\Software\conduitEngine Key found: HKLM\Software\AppDataLow\AskBarDis Key found: HKCU\Software\Conduit Key found: HKCU\Software\AppDataLow\AskBarDis Key found: HKCU\Software\AppDataLow\Toolbar Key found: HKCU\Software\AppDataLow\Software\Conduit Key found: HKCU\Software\AppDataLow\Software\conduitEngine Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E74E2487-04A1-475A-B822-0580F374979C} Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1 Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Value found: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{CA3EB689-8F09-4026-AA10-B9534C691CE0} Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98} Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [3.6.15 (pl)] **** Plugins\npPandoWebInst.dll (Pando Networks) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\AskHPRFF.js Components\AskSearch.js Extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} (Free Lunch Design Toolbar) Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox ) Extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (BearShare MediaBar) HKCU_Extensions|{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a} - C:\Users\Mateusz\Program Files\DNA -- C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\kjhmprzt.default -- Extensions\zrzuta.eu@gmail.com (Zrzuta.eu) Searchplugins\ask.xml (?) Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}/) Searchplugins\pwn---encyklopedia.xml (?) Prefs.js - browser.search.selectedEngine, Allegro Prefs.js - browser.startup.homepage, hxxp://www.google.pl/firefox?client=firefox-a&rls=org.mozilla:pl:official Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15 ======================================== **** Internet Explorer Version [8.0.6001.19019] **** HKCU_Main|Default_Page_URL - hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKCU_Main|Search bar - hxxp://search.bearshare.com/sidebar.html?src=ssb HKCU_Main|Search Page - hxxp://www.google.com HKCU_Main|Start Page - hxxp://search.bearshare.com/pl/ HKLM_Main|Default_Page_URL - hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS AboutUrls|Tabs - hxxp://www.bigseekpro.com/hypercam/{FED36C47-803A-48E1-9F01-BE6768FA8FDD}?s_src=newtab HKCU_URLSearchHooks|{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - "Free Lunch Design Toolbar" (C:\Program Files\Free_Lunch_Design\tbFree.dll) HKCU_URLSearchHooks|{CA3EB689-8F09-4026-AA10-B9534C691CE0} - "ToolbarURLSearchHook Class" (C:\Program Files\HyperCam Toolbar\tbhelper.dll) HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_URLSearchHooks|{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - "Free Lunch Design Toolbar" (C:\Program Files\Free_Lunch_Design\tbFree.dll) HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=rlFoi7NkmQD-PojWLvKrv3la-X8?q={searchTerms}) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Free_Lunch_Design Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&cr...) HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Free_Lunch_Design Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&cr...) HKCU_Toolbar\WebBrowser|{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll) HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll) HKCU_Toolbar\WebBrowser|{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} (C:\Program Files\Free_Lunch_Design\tbFree.dll) HKCU_Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} (C:\Program Files\AskBarDis\bar\bin\askBar.dll) HKCU_Toolbar\WebBrowser|{338B4DFE-2E2C-4338-9E41-E176D497299E} (C:\Program Files\HyperCam Toolbar\tbcore3.dll) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} (C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll) HKLM_Toolbar|{3041d03e-fd4b-44e0-b742-2d9b88305f98} (C:\Program Files\AskBarDis\bar\bin\askBar.dll) HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll) HKLM_Toolbar|{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} (C:\Program Files\Free_Lunch_Design\tbFree.dll) HKLM_Toolbar|{338B4DFE-2E2C-4338-9E41-E176D497299E} (C:\Program Files\HyperCam Toolbar\tbcore3.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\prxtbVuze.dll) HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files\ConduitEngine\prxConduitEngine.dll) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) HKLM_ElevationPolicy\{91925621-50F0-4CDA-B383-96900EC8E0B2} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{BB8A9962-452A-4a00-814E-650B96EAA0D2} - C:\ProgramData\webex\atinst.exe (WebEx Communications, Inc) HKLM_ElevationPolicy\{E74E2487-04A1-475A-B822-0580F374979C} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (?) HKLM_ElevationPolicy\{EF58B3FB-2FFA-472B-A766-D45BD3D4FB9B} - C:\Users\Mateusz\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll) BHO\{201f27d4-3704-41d6-89c1-aa35e39143ed} - "AskBar BHO" (C:\Program Files\AskBarDis\bar\bin\askBar.dll) BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\prxConduitEngine.dll) BHO\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - "Free Lunch Design Toolbar" (C:\Program Files\Free_Lunch_Design\tbFree.dll) BHO\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - "UrlHelper Class" (C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll) BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik rejestracji us³ugi Windows Live" (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\prxtbVuze.dll) BHO\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - "IEPluginBHO Class" (C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll) (x) BHO\{FD4E08F0-3DE7-4014-99C9-A84E5A99A2AD} - "TBSB08993 Class" (C:\Program Files\HyperCam Toolbar\tbcore3.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 27/05/2011 16:38:33 (14502 Byte(s)) End at: 16:39:54, 27/05/2011 ============== E.O.F ==============