Whilst browsing through my registry, as I do from time to time when making sure removed programs haven't left anything behind, I came across two entries that I thought suspicious:
HKCU\Software\APN PIP
HKLM\Software\PIP
In searching on these entries I think they've likely come from Foxit Reader (despite unticking the 'Ask' toolbar during install it still puts entries in your registry). A lot of the search results I found refer to a scanning and cleaning utility that I've never heard of - AdwCleaner - so I thought I'd give it a try to see if it found anything else. Here are the relevant results of the scan on my computer:

***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\Software\PIP
***** [Internet Browsers] *****
-\\ Mozilla Firefox v20.0.1 (en-US)
File : C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\********.default\prefs.js
Found : user_pref("extensions.noredirect.list", "^hxxp://agoga\\.com::7:::^hxxp://(?:[^/]+\\.)?websearch\\.v[...]

I was irked to see an entry for Firefox because I like to think I'm quite on top of my security with the browser, so that was the first thing I looked into. The full entry from my preferences file reads as follows:

user_pref("extensions.noredirect.list", "^http://agoga\\.com::7:::^http://(?:[^/]+\\.)?websearch\\.verizon\\.net::7:::^http://(?:[^/]+\\.)?search\\.rogers\\.com::7:::^http://(?:[^/]+\\.)?earthlink-?help\\.net::7:::^http://(?:[^/]+\\.)?finder\\.cox\\.net::7:::^http://(?:[^/]+\\.)?search\\.embarq\\.com::7:::^http://ww11\\.charter\\.net::7:::^http://ww23\\.rr\\.com::7:::^http://guide\\.opendns\\.com/\\?url=::7:::^http://support\\.microsoft\\.com/.*smarterror::5:::^http://msdn\\.microsoft\\.com/.*missingurl=::5");

I can only think that it has something to do with one of my addons (either BetterPrivacy, NoScript or Ghostery) and is a static list of sites which are blocked from redirecting, or sites to which redirects are blocked. That or it's a default FF entry. So I was very puzzled as to why this program has flagged it for removal. Unless it is an entry of real concern. Searches on "extensions.noredirect.list" yield no results - not even from mozilla.org.
I then looked into the entries for the registry that I'd not already spotted myself and it transpires that the file secman.dll is from an installation of Samsung Kies, the program you have to install if you want to connect your Samsung mobile to your computer. It is a:

Quote

Security Manager Component for Microsoft Outlook allows to turn off and on Outlook Object Model Security Guard

That quoted from the file itself, as is the website address given: http://www.mapilab.com/
Seems legitimate to me. Whilst I don't use Outlook, so needn't be bothered, I can't help wondering why this AdwCleaner is flagging things for removal that seem to be security items. By this point I couldn't help also wondering if the 'conduitEngine' entry in my registry is also something innocent and the program is just assuming it's malicious because of the existence of the word 'conduit'. Unfortunately I can't find any way to contact the developer of this little program to question why it's flagging them. My next thought was that it's one of these rogue cleaning utilities, but in searching it is recommended by many legitimate sites, so I wondered if any of you guys have any ideas/insight.