~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by ssharma on Sun 03/09/2014 at 10:30:01.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wecarereminder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\firstsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3284668
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3305605
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_edraw-mindmap_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_edraw-mindmap_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_edraw-mindmap_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_edraw-mindmap_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C617CF11-E294-450B-9D9E-B99670DB5688}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CC69C917-4C2F-4FAE-9DBC-CF9784216F54}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C1C9F18-8B7F-D87E-727D-20C15D9CE4A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8C1C9F18-8B7F-D87E-727D-20C15D9CE4A3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C1C9F18-8B7F-D87E-727D-20C15D9CE4A3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B431EF29-3A3D-2CF4-A102-B13B7ECE90B9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B431EF29-3A3D-2CF4-A102-B13B7ECE90B9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B431EF29-3A3D-2CF4-A102-B13B7ECE90B9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC7CB95B-8C6F-35D5-FF43-66DCCF01844E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC7CB95B-8C6F-35D5-FF43-66DCCF01844E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC7CB95B-8C6F-35D5-FF43-66DCCF01844E}

~~~ Files

Successfully deleted: [File] "C:\Users\ssharma\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\starapp"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\ssharma\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\local\solid savings"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\local\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\ssharma\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\ssharma\documents\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ FireFox

Successfully deleted: [File] C:\Users\ssharma\AppData\Roaming\mozilla\firefox\profiles\m1tixxl2.default\user.js
Successfully deleted the following from C:\Users\ssharma\AppData\Roaming\mozilla\firefox\profiles\m1tixxl2.default\prefs.js

user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3305605");
user_pref("browser.search.defaultthis.engineName", "KeyBar 1.15 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3305605&CUI=UN39436500321796223&UM=2&SearchSource=3&q={searchTerms}");
user_pref("browser.startup.homepage", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=rg&utm_content=hp&from=mp3&uid=WDCXWD3200BEKT-75PVMT1_WD-WXC1C22T188
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.WvX8.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp://xls.se
user_pref("extensions.cMh7q1dYNt63.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp:
user_pref("extensions.funmoods.aflt", "axl");
user_pref("extensions.funmoods.autoRvrt", false);
user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
user_pref("extensions.funmoods.cntry", "US");
user_pref("extensions.funmoods.cv", "cv5");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.dfltSrch", true);
user_pref("extensions.funmoods.dfltlng", "en");
user_pref("extensions.funmoods.dfltsrch", "false");
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods.envrmnt", "production");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods.hdrMd5", "056DFFE951AB9C06C014AFF4EFCFA401");
user_pref("extensions.funmoods.hmpg", true);
user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytAzz0CtD0AyEtCzzyBtDtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtF
user_pref("extensions.funmoods.hrdid", "D4BED938C0A41870");
user_pref("extensions.funmoods.id", "D4BED938C0A41870");
user_pref("extensions.funmoods.instlDay", "15605");
user_pref("extensions.funmoods.instlRef", "axl");
user_pref("extensions.funmoods.instlday", "15605");
user_pref("extensions.funmoods.instlref", "axl");
user_pref("extensions.funmoods.isdcmntcmplt", true);
user_pref("extensions.funmoods.keywordurl", "");
user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2219:41:40");
user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
user_pref("extensions.funmoods.newTab", true);
user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytAzz0CtD0AyEtCzzyBtDtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtC
user_pref("extensions.funmoods.newtab", true);
user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytAzz0CtD0AyEtCzzyBtDtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtC
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.prtnrid", "funmoods");
user_pref("extensions.funmoods.savedVrsnTs", "1");
user_pref("extensions.funmoods.sg", "none");
user_pref("extensions.funmoods.smplGrp", "none");
user_pref("extensions.funmoods.smplgrp", "none");
user_pref("extensions.funmoods.srch", "");
user_pref("extensions.funmoods.srchPrvdr", "Search");
user_pref("extensions.funmoods.srchprvdr", "Search");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytAzz0CtD0AyEtCzzyBtDtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtF
user_pref("extensions.funmoods.tlbrid", "base");
user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytAzz0CtD0AyEtCzzyBtDtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtF
user_pref("extensions.funmoods.vrsn", "1.5.23.22");
user_pref("extensions.funmoods.vrsnTs", "1.5.23.2219:41:40");
user_pref("extensions.funmoods.vrsni", "1.5.23.22");
user_pref("extensions.funmoods.vrsnts", "1.5.23.2219:41:40");
user_pref("extensions.funmoods_i.newTab", true);
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2219:41:40");
user_pref("extensions.gmwKG8nuSgcn.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp:
user_pref("extensions.tnYY4t8Ys3x.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp:/
user_pref("extensions.xe0wphXXprb7.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp:
user_pref("smartbar.machineId", "OGRM7TZOBD3XJQSSNKJ6WPIWRVESR6IZECVTQAVTXKTZPTAPVKZOPMCPOOEQF3DW38EC4BFQIJY6DQCIKZ6YMQ");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");

Emptied folder: C:\Users\ssharma\AppData\Roaming\mozilla\firefox\profiles\m1tixxl2.default\minidumps [71 files]

~~~ Chrome

Dumping contents of C:\Users\ssharma\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\ssharma\appdata\local\Google\Chrome\User Data\Default\Default\aagfgcdfgedfddggddgddfgfdegddigb
C:\Users\ssharma\appdata\local\Google\Chrome\User Data\Default\Default\aagfgcdfgedfddggddgddfgfdegddigb\background.js
C:\Users\ssharma\appdata\local\Google\Chrome\User Data\Default\Default\aagfgcdfgedfddggddgddfgfdegddigb\manifest.json

Successfully deleted: [Folder] C:\Users\ssharma\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/09/2014 at 10:34:29.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~