~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x86
Ran by vikas on 16-01-15 at 17:08:00.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Int
ernet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\In
ternet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\In
ternet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\SoftonicDownloader_for_dreamlight-photo-editor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\SoftonicDownloader_for_dreamlight-photo-editor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\SoftonicDownloader_for_free-ringtone-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Traci
ng\SoftonicDownloader_for_free-ringtone-maker_RASMANCS

~~~ Files
Successfully deleted: [File] C:\Windows\System32\Tasks\WSE_Astromenda

~~~ Folders
Successfully deleted: [Folder] "C:\Users\vikas\AppData\Roaming\ap_logs"
Successfully deleted: [Folder] "C:\Users\vikas\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\vikas\Local Settings\Application Data\g
lobalupdate"

~~~ FireFox

Successfully deleted: [File] C:\Users\vikas\AppData\Roaming\mozilla\firefox\prof

iles\kixcrq73.default\user.js
Successfully deleted: [File] C:\Users\vikas\AppData\Roaming\mozilla\firefox\prof
iles\kixcrq73.default\searchplugins\astromenda.xml
Successfully deleted: [Folder] C:\Users\vikas\AppData\Roaming\mozilla\firefox\pr
ofiles\kixcrq73.default\extensions\staged
Successfully deleted the following from C:\Users\vikas\AppData\Roaming\mozilla\f
irefox\profiles\kixcrq73.default\prefs.js
user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_cmi
_14_39_ch&cd=2XzuyEtN2Y1L1QzutAzzyCtDyByBtD0DyCyB0C0FtAzz0EzztN0D0Tzu0SzyzyzytN1
L2XzutAtFtBtFtC
user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_c
mi_14_39_ch&cd=2XzuyEtN2Y1L1QzutAzzyCtDyByBtD0DyCyB0C0FtAzz0EzztN0D0Tzu0Szyzyzyt
N1L2XzutAtFtBtF
user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast
_cmi_14_39_ch&cd=2XzuyEtN2Y1L1QzutAzzyCtDyByBtD0DyCyB0C0FtAzz0EzztN0D0Tzu0Szyzyz
ytN1L2XzutAtFtB
user_pref("extensions.crossrider.bic", "148ad94a1bde28784c9fa58ebc87d3cf");
Emptied folder: C:\Users\vikas\AppData\Roaming\mozilla\firefox\profiles\kixcrq73
.default\minidumps [3 files]

~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Ex
tensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\E
xtensions\pfkfdlcdbajamklbneflfbcmfgddmpae

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16-01-15 at 17:09:17.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~