# AdwCleaner v2.114 - Logfile created 03/06/2013 at 07:30:31
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Petr - PETR-PC
# Boot Mode : Normal
# Running from : C:\Users\Petr_2\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kvfoem71.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Petr\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Kuba\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Petr\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Petr\AppData\Roaming\AD ON Multimedia
Folder Deleted : C:\Users\Petr\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Petr_2\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Petr_2\AppData\LocalLow\facemoods.com

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GreenTree Applications
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKU\S-1-5-21-118582844-522593287-3683846926-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddrnw --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (cs)

File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kvfoem71.default\prefs.js

Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 11);
Deleted : user_pref("extensions.BabylonToolbar.cntry", "CZ");
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "E148E9567C60720C2B6F5FD7B2A63A61");
Deleted : user_pref("extensions.BabylonToolbar.lastActv", "11");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 11);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsn", "1.4.23.10");
Deleted : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Deleted : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Deleted : user_pref("extensions.facemoods.dfltSrch", true);
Deleted : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Deleted : user_pref("extensions.facemoods.dnsErr", true);
Deleted : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.first_time", false);
Deleted : user_pref("extensions.facemoods.hmpg", true);
Deleted : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Deleted : user_pref("extensions.facemoods.id", "_#d48160f90000000000004487fcd112ed");
Deleted : user_pref("extensions.facemoods.instlDay", "_#15307");
Deleted : user_pref("extensions.facemoods.mntz", "");
Deleted : user_pref("extensions.facemoods.newTab", true);
Deleted : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Deleted : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Deleted : user_pref("extensions.facemoods.searchProviderAdded", true);
Deleted : user_pref("extensions.facemoods.sid", "_#b659cc3e2b174878bf82eae2213740b1");
Deleted : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Deleted : user_pref("extensions.facemoods.update", "_#v1.4.0");
Deleted : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");
Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"FaceSmooch\",\"description\":\"Spi[...]
Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANS[...]
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

File : C:\Users\Petr_2\AppData\Roaming\Mozilla\Firefox\Profiles\e60k7cvv.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 11);
Deleted : user_pref("extensions.BabylonToolbar.cntry", "CZ");
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "E148E9567C60720C2B6F5FD7B2A63A61");
Deleted : user_pref("extensions.BabylonToolbar.lastActv", "11");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 11);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsn", "1.4.23.10");
Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"FaceSmooch\",\"description\":\"Spi[...]
Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANS[...]
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\hcebusov.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.20] : icon_url = "hxxp://facemoods.com/favicon.ico",
Deleted [l.23] : keyword = "facemoods.com",
Deleted [l.26] : search_url = "hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4",
Deleted [l.221] : homepage = "hxxp://start.facemoods.com/?a=ddrnw",

File : C:\Users\Petr_2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7949 octets] - [06/03/2013 07:30:31]

########## EOF - \AdwCleaner[S1].txt - [8009 octets] ##########