# AdwCleaner v4.111 - Logfile created 25/02/2015 at 17:48:16 # Updated 18/02/2015 by Xplode # Database : 2015-02-18.3 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : User - USER-KOMPUTER # Running from : C:\Users\User\Downloads\adwcleaner_4.111.exe # Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : IePluginServices Service Deleted : vToolbarUpdater3.2.0 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\ProgramData\IePluginServices Folder Deleted : C:\Program Files (x86)\SupTab Folder Deleted : C:\Program Files (x86)\sitefinder Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Users\User\AppData\LocalLow\sitefinder Folder Deleted : C:\Users\User\AppData\Roaming\SimilarSites Folder Deleted : C:\Users\User\AppData\Roaming\SupTab Folder Deleted : C:\Users\User\AppData\Roaming\sweet-page Folder Deleted : C:\Users\User\AppData\Roaming\Systweak Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dk3340qg.default\Extensions\Avg@toolbar Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dk3340qg.default\Extensions\faststartff@gmail.com Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dk3340qg.default\Extensions\sitefinder@sitefinder.com File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dk3340qg.default\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\sweet-page.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\wtu-secure-search.xml File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.biznesfinder.pl_0.localstorage-journal File Deleted : C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.biznesfinder.pl_0.localstorage ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk Shortcut Disinfected : C:\Users\User\Desktop\Program uruchamiający aplikacje Chrome.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiający aplikacje Chrome.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Download Helper.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Key Deleted : HKCU\Software\Mozilla\Extends Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\systweak Key Deleted : HKLM\SOFTWARE\SupDp Key Deleted : HKLM\SOFTWARE\SupTab Key Deleted : HKLM\SOFTWARE\sweet-pageSoftware Key Deleted : HKLM\SOFTWARE\systweak Key Deleted : HKLM\SOFTWARE\Wpm Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstaller Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17631 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v14.0.1 (pl) [dk3340qg.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); [dk3340qg.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "sweet-page"); [dk3340qg.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "sweet-page"); [dk3340qg.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.sweet-page.com/?type=hppp&ts=1409078329&from=cor&uid=ST500LT012-1DG142_S3P41TFMXXXXS3P41TFM"); [dk3340qg.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false); [dk3340qg.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true); -\\ Google Chrome v40.0.2214.115 [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1424876984&from=cor&uid=ST500LT012-1DG142_S3P41TFMXXXXS3P41TFM&q={searchTerms} -\\ Opera v27.0.1689.76 [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1424876984&from=cor&uid=ST500LT012-1DG142_S3P41TFMXXXXS3P41TFM&q={searchTerms} ************************* AdwCleaner[R0].txt - [9453 bytes] - [25/02/2015 17:39:01] AdwCleaner[R1].txt - [9793 bytes] - [25/02/2015 17:45:56] AdwCleaner[S0].txt - [345 bytes] - [25/02/2015 17:44:21] AdwCleaner[S1].txt - [10386 bytes] - [25/02/2015 17:48:16] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10446 bytes] ##########