How to Manually Remove Completely

There is a “computer virus” named or sweet page appears over the past few months. This “virus” which can hijack browser homepage and search engine is actually not a real computer virus, but a browser hijacker, according to many PC experts. This infection involves many net users, including experienced user ans inexperienced users, and is due in no part to the stealthy entrance of this program.


Basic details about

The developers of, Beijing Elex Technolgy Co. Ltd, which is completely a legal company, announces that this is a helpful search engine as it automatically returns all the best results from leading search engines including Google, Yahoo!, Bing and Yandex. As a matter of fact, it does provide search results related to famous search engines. But, why most users do not like it and eager to remove it from computer so urgent? The reason must be that most of us get used to utilize our favorite search engine like Google search, Yahoo search or Bing search, when we accidentally get a unknown search engine inside computer, especially a unwelcome one, we will get angry. The developer of this site has announced the launch of this search engine long time ago which featuring search functional and homepage offering. The development has already been verified to be legitimate which means that this site is not a illegal site but a regular search site. Then it is launched. However, this program is to have a full function of homepage, start page and search engine provided. It is to help net users online search with fast speed.4


Then why there are so many net users want to remove it from computer while it is legitimate?

The reason is not so complicated. One might be unfamiliarity, another is unwillingness.


When we get used to use a default homepage or search engine for a long time, it is not essential to get a new one, especially get a unfamiliar one for we will occasionally miss what we use before. In fact, it is not a good idea even if we do download this program by ourselves. According to majority of users, they get this program after installing other free programs. In another word, most of users do not willingly download it by themselves but accidentally get it along with other programs. Then under this situation, most users probably do not really want to use it at the beginning. And it goes worse when we realize all web browsers are hijacked so aggressively. Then, that is the main reason why we think it hateful. It not only enters our computer without permission but also make changes on homepage and search engine at the same time. Just like a invader, even its the original intention is to benefit online search. When we are trying to open a new tab on a browser it has hijacked, the most annoying thing will exist that we will continually get this site instead of a blank page or homepage. And it makes us more angry if this search engine does not provide satisfying result contents for us.5


While this search engine is certainly annoying, so is the result it provides. As we can see at the first paragraph that most users or victims are seeking a effective solution to get rid of this “virus”. Most of them call it “virus”. Technically, this is not a computer virus, but a browser hijacker which wants to control web browsers – just for advertising. The reason why we do not want to set it to be default homepage and search engine is that the search results it offers are not so satisfying. It is not difficult to see that the search result provided by this engine are coming along with random advertising contents both at the top and the right side of the result content. Also, at the bottom of the search page, different kinds of ads are demonstrated, including online games, fake security massages and other commercial links. 7Even the sites these ads contents link to are the cooperative partner of this search engine, but it still can not secure the safety of these third parties. Clicking on these ads can sometimes leads to dangers that they might redirect us access to some malicious websites like online shopping sites selling products, phishing sites containing scams or unwanted sites providing programs download. What is worse is that some ads will automatically install third party program once they are clicked. Then, our computer will be messed up by more and more potential unwanted programs.6


Transmission of

As there is not only one transmission carrier, many unknown programs can work with it. The ultimate goal of this program is to take control over the target web browsers, then it need to be installed on the system first. If we do not have an antivirus software on computer, the condition on the system will become more challenging, we can not rule out a possible effect on computer security. If we do not pay enough attention to the third party we download, what we end up with is the potential unwanted programs are installed by attaching to free application. Thus, the next time when we want to install freeware or shareware from the internet, take a few time to remember the rule of transmission browser hijacker or other infections. By all means, stop the installation of malicious bundles. The carriers listed below are the most common carrier used by But they are incomplete.891011


How to remove completely

To help tons of net users who want to remove from browser and clean computer totally, here we provide a manual removal guide. But before that, please note the use of manual removal at your own risk. If you do not get any removal experienced and do not want to take the risks, please download auto-fix tool for removal.

Recommended removal tool: Spyhunter

Developed by: Enigma Software

Ranked: 1st-Best Buy
Overall Rating: 5STARTS

Spyhunter is a professional removal tool which is a powerful removal tool to deal with browser hijacker. There are random functional components we can utilize in this program. As one of the top-recommended antivirus software for 2015, Spyhunter does not only win a good reputation from net users but also get rewards from antivirus test. It is a good tool at detecting browser hijacker and redirect virus in general.


SWEET-PAGE.COM detected by Spyhunter:11

If the manual removal is too difficult and dangerous, why not download Spyhunter?

Self-help guides – Manual removal details:


  1. Check if the homepage and search engine are all hijacked by SWEET-PAGE.COM.1

Clear IE “properties”

More to the IE shortcut on the desktop, right-click shortcut, select “properties”2

Here we can find a additional address is added after “Explorer.exe”, remove “SWEET-PAGE.COM…” completely34

Once it is done, click “OK”5

  1. Remove malicious IE registry

Click start or windows icon at the left bottom on desktop, on the search box, enter “regedit”6

Click “regedit.exe”7

Click to open “HKEY_CURRENT_USER”8

Click “software”9

Find and click “Microsoft”10

Select “Internet Explorer”11

Click “Main” value12

At the right window, find stings related to SWEET-PAGE.COM, one is related to “start page” and another is “default page URL”1314

Here are all the hijacked log created by SWEET-PAGE.COM:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL ={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page ={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant ={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch ={searchTerms}

O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll

O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - %CommonAppData%\IePluginService\PluginService.exe

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - %CommonAppData%\WPM\wprotectmanager.exe

Right click on the string and select “delete” to remove them one by one15

Back to the homepage of registry editor, select “HKEY_LOCAL_MACHINE”16

The same, click “software” > “Microsoft” > “Internet Explorer” > “MAIN”17181920

Right-click related value and remove them21

Close the windows


(the homepage of Chrome is hijacked by SWEET-PAGE.COM)1

Click on icon, choose “settings” option2

Under startup click on “set page”3

Remove this search engine by clicking “X”4

Click “OK” to close

Under the “Appearance” section, click “change” option5

Remove SWEET-PAGE.COM and enter a favorite homepage like, or, then click “OK”6

Close Chrome


Open Firefox, click “setting”menu, select “options”1

The homepage is set to SWEET-PAGE.COM, we need to reset to default setting via clicking on “restore to default” option, and then click “OK”23

Clean Firefox properties

Right-click on the shortcut of Firefox, select “properties”4

Remove “SWEET-PAGE.COM…” from the bar, then click “OK”56

Make sure all the related files and windows registry entries are removed from the system.

(Note: If this search engine still hijacks web browser, that might result from the leftovers of malicious files)

Files created by SWEET-PAGE.COM:






















c:\Program Files\Mozilla Firefox\searchplugins\sweet-page.xml

c:\Program Files\SupTab\

c:\Program Files\SupTab\BHOEnabler.exe

c:\Program Files\SupTab\

c:\Program Files\SupTab\SupIePluginServiceUpdate.exe

c:\Program Files\SupTab\SupTab.dll

c:\Program Files\SupTab\uninstall.exe

c:\Program Files\SupTab\web\

c:\Program Files\SupTab\web\indexIE.html

c:\Program Files\SupTab\web\indexIE8.html

c:\Program Files\SupTab\web\style.css

c:\Program Files\SupTab\web\ver.txt

c:\Program Files\SupTab\web\_locales\

c:\Program Files\SupTab\web\_locales\en-US\

c:\Program Files\SupTab\web\_locales\en-US\messages.json

c:\Program Files\SupTab\web\_locales\es-419\

c:\Program Files\SupTab\web\img\

c:\Program Files\SupTab\web\img\default_logo.png

c:\Program Files\SupTab\web\img\icon128.png

c:\Program Files\SupTab\web\img\icon16.png

c:\Program Files\SupTab\web\img\icon48.png

c:\Program Files\SupTab\web\img\loading.gif

c:\Program Files\SupTab\web\img\weather\

c:\Program Files\SupTab\web\img\weather\0.png

c:\Program Files\SupTab\web\img\weather\1.png

c:\Program Files\SupTab\web\js\

c:\Program Files\SupTab\web\js\background.js

c:\Program Files\SupTab\web\js\ga.js

c:\Program Files\SupTab\web\js\jquery.autocomplete.js

c:\Program Files\SupTab\web\js\jquery-base.js

c:\Program Files\SupTab\web\js\js.js

c:\Program Files\SupTab\web\js\xagainit.js

SWEET-PAGE.COM windows registry:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}




HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}



HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstaller







HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Default_Page_URL" = "<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing "NewTabPageShow" = "0"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "C:\Program Files\Mozilla Firefox\firefox.exe<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command "(Default)" = "C:\Documents and Settings\Bleeping\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "C:\Program Files\Internet Explorer\iexplore.exe<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command "(Default)" = "C:\Program Files\Opera\Opera.exe"<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera.exe\shell\open\command "(Default)" = "C:\Program Files\Opera\Opera.exe"<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Safari.exe\shell\open\command "(Default)" = "C:\Program Files\Safari\Safari.exe"<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SEAMONKEY.EXE\shell\open\command "(Default)" = "C:\Program Files\SeaMonkey\seamonkey.exe<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Default_Page_URL" = "<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Default_Search_URL" = "<timestamp>&from=tugs&uid=<hard-disk-id>&q={searchTerms}"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Search Page" = "<timestamp>&from=tugs&uid=<hard-disk-id>&q={searchTerms}"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Start Page" = "<timestamp>&from=tugs&uid=<hard-disk-id>"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "CustomizeSearch" = "<timestamp>&from=tugs&uid=<hard-disk-id>&q={searchTerms}"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "SearchAssistant" = "<timestamp>&from=tugs&uid=<hard-disk-id>&q={searchTerms}"

If the manual removal still does not take effect, download a removal tool will help, as some malicious files are hidden to make them difficult to find. But no matter how deep the insecure files and programs hide, antivirus software can detect them completely.


do keep away from browser hijacker, adware program and other malicious applications as possible as we can, as these negatively influence the computer system. This can be alleviated by ensuring we use windows firewall and antivirus software for protection, and reduce the risks when we are browsing the internet. When looking for free application from the internet, be caution about the site which offers free-download links for the link might be a download link to force you to save unwanted exe files or make you download application with random bundles. When encountering a poor performance on the infected computer,we believe that such symptom is the caused by SWEET-PAGE.COM, along poor internet speed. Computer – a machine we almost use every, is so important to our daily life, so, why we start paying attention to computer security until we get hacked? It is never too late to build a stronger defense to prevent virus and infections. Before the computer system is badly damages, let us take actions to fix malware issues and fix system loopholes completely. Since antivirus software is the most effective tool to fight against attacks, the below tools are highly recommended for computer protection for they are not only powerful in detecting virus but also effective to ensure computer security.

2015 Top antivirus software for desktop and laptop

1               2                       3

Spyhunter                                           Malwarebytes                            Spyware Detector

download-now-button                            download-now-button                           download-now-button


The following video offers a complete guide for redirect virus removal. You’d better watch it in full-screen mode!

Share Button