======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 02:22:15 on 15/06/2011, Normal boot

Microsoft Windows 7 Professional Service Pack 1 (X64)
Clameur@CLAMEUR-PC (TOSHIBA Satellite A300)

============== SEARCH ==============

Key found: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key found: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key found: HKLM\Software\Conduit
Key found: HKCU\Software\AppDataLow\Software\Fun Web Products
Key found: HKCU\Software\AppDataLow\Software\MyWebSearch
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key found: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}

============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [4.0.1 (pl)] ****

HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms})
Components\browsercomps.dll (Mozilla Foundation)
Extensions\linkfilter@kaspersky.ru_bak (Kaspersky URL Advisor )
HKLM_Extensions|virtualKeyboard@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
HKLM_Extensions|linkfilter@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

-- C:\Users\Clameur\AppData\Roaming\Mozilla\FireFox\Profiles\oplx8e79.default --
Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} (Nightly Tester Tools)
Prefs.js - browser.download.lastDir, C:\\Users\\Clameur\\Music
Prefs.js - browser.search.defaultenginename,
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, google.pl
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Google Chrome Version [12.0.742.91] ****

Extension\ihflimipbcaljfnojhhknppphnnciiif (C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx) (?)

-- C:\Users\Clameur\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage: hxxp://google.pl/
Preferences - homepage_is_newtabpage: false
Plugin - Windows Live Photo Gallery (Enabled: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Windows Live Photo Gallery" (Enabled: true)
Plugin - "Yahoo! activeX Plug-in Bridge" (Enabled: true)
Preferences - urls_to_restore_on_startup: hxxp://www.google.pl/

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://www.yahoo.com
AboutUrls|Tabs - hxxp://start.facemoods.com/?a=ddrnw&f=2
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://tbsearch.ask.com/redirect?client=ie&tb=UT2V5&o=&src=crm&q={searchTerms}&l...)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll)
HKLM_ElevationPolicy\{0002df01-0000-0000-c000-000000000046} - C:\Program Files (x86)\Internet Explorer\iexplore.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe (facemoods.com)
HKLM_Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - "PokerStars" (C:\Program Files (x86)\PokerStars\main.ico)
BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll)
BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik rejestracji usługi Windows Live" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 15/06/2011 02:22:40 (5438 Byte(s))

End at: 02:24:36, 15/06/2011

============== E.O.F ==============