cjoint

Document format: text/plain

Preview

# AdwCleaner v6.045 - Logfile created 14/04/2017 at 19:46:40
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-13.1 [Local]
# Operating System : Windows 10 Pro (X64)
# Username : Paull - DESKTOP-RPI8QGR
# Running from : C:\Users\Paull\Desktop\adwcleaner_6.045.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: surfeasyvpn


***** [ Folders ] *****

Folder Found: C:\Users\Paull\AppData\Local\jawego
Folder Found: C:\Users\Paull\AppData\Local\Jawego\PC Protector Plus
Folder Found: C:\Users\Paull\AppData\Roaming\Browser-Security
Folder Found: C:\Users\Paull\AppData\Roaming\cacaoweb
Folder Found: C:\Users\Paull\AppData\Roaming\ParetoLogic
Folder Found: C:\Users\Paull\AppData\Roaming\Event Monitor
Folder Found: C:\Users\Paull\AppData\Roaming\PCPRJ
Folder Found: C:\Users\Paull\AppData\Roaming\jawego
Folder Found: C:\Users\Paull\AppData\Roaming\PARETOLOGIC
Folder Found: C:\Users\Paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Found: C:\Users\Paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PARETOLOGIC
Folder Found: C:\Program Files\ByteFence
Folder Found: C:\ProgramData\ParetoLogic
Folder Found: C:\ProgramData\lavasoft\web companion
Folder Found: C:\ProgramData\PARETOLOGIC
Folder Found: C:\ProgramData\Application Data\ParetoLogic
Folder Found: C:\ProgramData\Application Data\lavasoft\web companion
Folder Found: C:\ProgramData\Application Data\PARETOLOGIC
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Folder Found: C:\Program Files (x86)\ParetoLogic
Folder Found: C:\Program Files (x86)\PARETOLOGIC
Folder Found: C:\Program Files (x86)\Common Files\ParetoLogic
Folder Found: C:\Program Files (x86)\Common Files\PARETOLOGIC
Folder Found: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Folder Found: C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Folder Found: C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej


***** [ Files ] *****

File Found: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
File Found: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
File Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
File Found: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
File Found: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
File Found: C:\Users\Paull\AppData\Roaming\Mozilla\Firefox\Profiles\5wlf72ip.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found: PC Health Advisor
Task Found: PC Health Advisor Defrag
Task Found: LaunchPreSignup


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Key Found: HKLM\SOFTWARE\Classes\uus3url-pl
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Key Found: [x64] HKLM\SOFTWARE\Classes\uus3url-pl
Key Found: HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\cacaoweb
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Jawego
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\ParetoLogic
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\PRODUCTSETUP
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\PC
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Lavasoft\Web Companion
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\csastats
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Event Monitor
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\ICSW1.22
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\PCPRJ
Key Found: HKCU\Software\cacaoweb
Key Found: HKCU\Software\Jawego
Key Found: HKCU\Software\ParetoLogic
Key Found: HKCU\Software\PRODUCTSETUP
Key Found: HKCU\Software\PC
Key Found: HKCU\Software\Lavasoft\Web Companion
Key Found: HKCU\Software\csastats
Key Found: HKCU\Software\Event Monitor
Key Found: HKCU\Software\ICSW1.22
Key Found: HKCU\Software\PCPRJ
Key Found: HKLM\SOFTWARE\ByteFence
Key Found: HKLM\SOFTWARE\Jawego
Key Found: HKLM\SOFTWARE\ParetoLogic
Key Found: HKLM\SOFTWARE\PC
Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
Key Found: HKLM\SOFTWARE\Event Monitor
Key Found: HKLM\SOFTWARE\PCPRJ
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winsearch
Key Found: [x64] HKCU\Software\cacaoweb
Key Found: [x64] HKCU\Software\Jawego
Key Found: [x64] HKCU\Software\ParetoLogic
Key Found: [x64] HKCU\Software\PRODUCTSETUP
Key Found: [x64] HKCU\Software\PC
Key Found: [x64] HKCU\Software\Lavasoft\Web Companion
Key Found: [x64] HKCU\Software\csastats
Key Found: [x64] HKCU\Software\Event Monitor
Key Found: [x64] HKCU\Software\ICSW1.22
Key Found: [x64] HKCU\Software\PCPRJ
Key Found: [x64] HKLM\SOFTWARE\ByteFence
Data Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp
Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10118__161230__yaie
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10118__161230__yaie
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_27&param1=1&param2=f%3D1%26b%3DIE%26cc%3
Key Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Value Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Value Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [cacaoweb]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Value Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
Value Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
Value Found: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [safe_urls768]
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Key Found: HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Key Found: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
Key Found: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej


***** [ Web browsers ] *****

Firefox pref Found: [C:\Users\Paull\AppData\Roaming\Mozilla\Firefox\Profiles\5wlf72ip.default\prefs.js] - "browser.newtab.url" - "hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__
Firefox pref Found: [C:\Users\Paull\AppData\Roaming\Mozilla\Firefox\Profiles\5wlf72ip.default\prefs.js] - "browser.newtabpage.url" - "hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__
Firefox pref Found: [C:\Users\Paull\AppData\Roaming\Mozilla\Firefox\Profiles\5wlf72ip.default\prefs.js] - "browser.startup.homepage" - "hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0
Chrome pref Found: [C:\Users\Paull\AppData\Local\Chromium\User Data\Default\Web data] - yahoo! powered
Chrome pref Found: [C:\Users\Paull\AppData\Local\Chromium\User Data\Default\Secure Preferences] - hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nrssi_16_25&param1=1&param2=f%3D7%26b%3
Chrome pref Found: [C:\Users\Paull\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
Chrome pref Found: [C:\Users\Paull\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - pilplloabdedfmialnfchjomjmpjcoej
Chrome pref Found: [C:\Users\Paull\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nrssi_16_25&param1=1&param2=f%3D1%26b%
Chrome pref Found: [C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found: [C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
Chrome pref Found: [C:\Users\Paull\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - pilplloabdedfmialnfchjomjmpjcoej

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [14748 Bytes] - [14/04/2017 19:29:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [14479 Bytes] - [14/04/2017 19:46:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14553 Bytes] ##########
