# AdwCleaner v2.009 - Logfile created 11/27/2012 at 17:40:40
# Updated 24/11/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# User : PAULINA - PAULINA-PC
# Boot Mode : Normal
# Running from : C:\Users\PAULINA\Downloads\AdwCleaner (1).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Deleted : C:\user.js
File Deleted : C:\Users\PAULINA\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\searchplugins\Ask.xml
File Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\searchplugins\search.xml
File Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\PAULINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\PAULINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Folder Deleted : C:\Users\PAULINA\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\PAULINA\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Babylon
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\extensions\crossriderapp435@crossrider.com
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\WinampToolbarData
Folder Deleted : C:\Users\PAULINA\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

Deleted : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=112555&tt=060612_6_&babsrc=NT_ss&mntrId=1212cdae000000000000000000000000 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzutAtN2Y1L1QzutDtDtBtA0CtAyE0A0B0ByC0E0C0D0A0EtN0D0TzutBtDtCtBtDyDtBzz&cr=1925416119 --> hxxp://www.google.com

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\prefs.js

C:\Users\PAULINA\AppData\Roaming\Mozilla\Firefox\Profiles\vhx3s3os.default\user.js ... Deleted !

Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Deleted : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&[...]
Deleted : user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=");
Deleted : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;media_btn_wa;shout_btn_wa;ai[...]
Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Deleted : user_pref("winamp_toolbar.install.lastName.refresh", "Winamp Toolbar");
Deleted : user_pref("winamp_toolbar.install.lastVersion.refresh", "1.0.0.1");
Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "7");
Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "2");
Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2009");
Deleted : user_pref("winamp_toolbar.metrics.originalDate", "24");
Deleted : user_pref("winamp_toolbar.metrics.originalHours", "24");
Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "30");
Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "2");
Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "11");
Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2008");
Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Deleted : user_pref("winamp_toolbar.surf.date", "3");
Deleted : user_pref("winamp_toolbar.surf.lastDate", "7");
Deleted : user_pref("winamp_toolbar.surf.lastMonth", "2");
Deleted : user_pref("winamp_toolbar.surf.lastYear", "2009");
Deleted : user_pref("winamp_toolbar.surf.mURL", "");
Deleted : user_pref("winamp_toolbar.surf.mURLh", "0");
Deleted : user_pref("winamp_toolbar.surf.mURLw", "0");
Deleted : user_pref("winamp_toolbar.surf.mURLx", "0");
Deleted : user_pref("winamp_toolbar.surf.mURLy", "0");
Deleted : user_pref("winamp_toolbar.surf.milestone", "-1");
Deleted : user_pref("winamp_toolbar.surf.month", "1014");
Deleted : user_pref("winamp_toolbar.surf.prevMonth", "7087");
Deleted : user_pref("winamp_toolbar.surf.total", "33541");
Deleted : user_pref("winamp_toolbar.surf.week", "1014");
Deleted : user_pref("winamp_toolbar.surf.year", "12108");
Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracktime", "-999998");
Deleted : user_pref("extensions.crossriderapp435.adsOldValue", -1);
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.ask.com/?o=101764&l=dis")[...]
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={1316[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Ask");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask");
Deleted : user_pref("backup.old.browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid[...]
Deleted : user_pref("backup.old.browser.search.selectedEngine", "SweetIM Search");
Deleted : user_pref("backup.old.browser.search.defaultenginename", "SweetIM Search");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\PAULINA\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : homepage = "hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzutAtN2Y1L1QzutDtDtBtA0CtAyE0A[...]
Deleted [l.20] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={131687[...]
Deleted [l.55] : icon_url = "hxxp://start.funmoods.com/favicon.ico",
Deleted [l.58] : keyword = "funmoods.com",
Deleted [l.61] : search_url = "hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2Xz[...]
Deleted [l.1774] : homepage = "hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzutAtN2Y1L1QzutDtDtBtA0CtAyE0A0B0[...]
Deleted [l.2237] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={13168760-[...]

-\\ Opera v11.64.1403.0

File : C:\Users\PAULINA\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [13394 octets] - [27/11/2012 17:40:40]

########## EOF - C:\AdwCleaner[S2].txt - [13455 octets] ##########