======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 10:21:30 on 07/07/2011, Normal boot Microsoft Windows 7 Home Premium (X86) Dawid@DAWID-KOMPUTER ( ) ============== SEARCH ============== File found: C:\Users\Dawid\AppData\Roaming\Mozilla\FireFox\Profiles\noo30xhy.default\searchplugins\conduit.xml Folder found: C:\Program Files\Conduit Folder found: C:\Program Files\ConduitEngine Folder found: C:\Users\Dawid\AppData\LocalLow\PriceGong -- File opened: C:\Users\Dawid\AppData\Roaming\Mozilla\FireFox\Profiles\noo30xhy.default\Prefs.js -- Line found: user_pref("CT2530240.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT253... Line found: user_pref("CommunityToolbar.ConduitSearchList", "Softonic-Polska Customized Web Search"); Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/923243/919034/PL", "\"0\"")... Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2530240", ... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.... Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2530240",... Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2530240/CT2530240... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif... Line found: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"... Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=pl-pl", "\"... Line found: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Dawid\\AppData\\Roaming\\Mozilla\\F... Line found: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12"); Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Line found: user_pref("CommunityToolbar.ToolbarsList", "CT2530240"); Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2530240"); Line found: user_pref("CommunityToolbar.ToolbarsList4", "CT2530240"); Line found: user_pref("CommunityToolbar.globalUserId", "35d7dc26-5690-4e96-b8ab-59cfec5f9e83"); Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line found: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2530240"); Line found: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jul 03 2011 22:45:2... Line found: user_pref("CommunityToolbar.notifications.alertEnabled", true); Line found: user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Line found: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 03 2011 22:45:35 GMT+020... Line found: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line found: user_pref("CommunityToolbar.notifications.locale", "en"); Line found: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Line found: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 03 2011 22:45:24 GMT+0200"); Line found: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559"); Line found: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Line found: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line found: user_pref("CommunityToolbar.notifications.showTrayIcon", false); Line found: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Line found: user_pref("CommunityToolbar.notifications.userId", "e7205c74-f576-4fc7-8e89-792fc4758993"); Line found: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&Sea... -- File closed -- Key found: HKLM\Software\Classes\Conduit.Engine Key found: HKLM\Software\Classes\Toolbar.CT2530240 Key found: HKCU\Software\AppDataLow\Software\PriceGong Key found: HKCU\Software\AppDataLow\Software\Toolbar Key found: HKLM\Software\Canneverbe Limited\OpenCandy ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [5.0 (pl)] **** Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) Components\browsercomps.dll (Mozilla Foundation) Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension ) HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG10\Firefox4\ -- C:\Users\Dawid\AppData\Roaming\Mozilla\FireFox\Profiles\noo30xhy.default -- Extensions\battlefieldplay4free@ea.com (Battlefield Play4Free) Extensions\jid0-NIEA2hJPrNIdsVQgBgJeKabi1kY@jetpack (McAfee Secure URL Shortener) Extensions\staged (?) Extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (Softonic-Polska Community Toolbar) Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&SearchSource=3&q={searchTerms} /) Prefs.js - browser.download.dir, C:\\Users\\Dawid\\Desktop Prefs.js - browser.download.lastDir, C:\\Users\\Dawid\\Desktop Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2530240&SearchSource=3&q={searchTerms} Prefs.js - browser.startup.homepage, Onet.pl Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=toolbar2&q= ======================================== **** Google Chrome Version [12.0.742.112] **** Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (x) Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files\AVG\AVG10\Chrome\safesearch.crx) (?) -- C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: true Plugin - Chrome NaCl (Enabled: false) (C:\Users\Dawid\AppData\Local\Google\Chrome\Application\11.0.696.68\ppGoogleNaClPluginChrome.dll) (x) Plugin - AVG Internet Security (Enabled: true) (C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\plugins/avgnpss.dll) Plugin - NVIDIA 3D Vision (Enabled: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll) Plugin - NVIDIA 3D VISION (Enabled: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll) Plugin - "Java" (Enabled: true) Plugin - "Silverlight" (Enabled: true) Plugin - "Chrome NaCl" (Enabled: false) Plugin - "AVG Internet Security" (Enabled: true) Plugin - "Winamp Application Detector" (Enabled: true) Plugin - "NVIDIA 3D Vision" (Enabled: true) Plugin - "NVIDIA 3D VISION" (Enabled: true) ======================================== **** Internet Explorer Version [8.0.7600.16385] **** HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKCU_URLSearchHooks|{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} (x) HKCU_Toolbar\WebBrowser|{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - "BitComet" (C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll,203) BHO\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - "BitComet Helper" (C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 07/07/2011 10:21:57 (10251 Byte(s)) End at: 10:22:48, 07/07/2011 ============== E.O.F ==============