Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2020
# Duration: 00:00:41
# OS: Windows 7 Home Premium
# Cleaned: 63
# Failed: 3
***** [ Services ] *****
Deleted GPCWValidator
Deleted LavasoftTcpService
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files\System Care
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG_UPDATE_1214TB
Deleted C:\ProgramData\GPCWValidator
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\globalpcworks.com
Deleted C:\Users\PORTABLE\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\PORTABLE\AppData\Roaming\cacaoweb
Deleted C:\Users\PORTABLE\AppData\Roaming\globalpcworks.com
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Not Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\appverifier.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\SYSTEM CARE_LOGON
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\cacaoweb
Deleted HKCU\Software\globalpcworks.com
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9AFD96C-C727-460F-BF26-7B85E0189CAF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Care_Logon
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{40745F84-C8A4-415C-8B95-82045AF35A9E}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9FFD42FB-EF3E-46CF-8CE8-F471840F09F4}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{49EF16B8-6B37-4A07-97FB-FDACF229F46A}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AFA0D180-88DE-4B2E-97F0-48A7C67275BF}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\GPCWValidatorService
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted HKLM\Software\globalpcworks.com
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\GPCWValidator
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
Deleted MSN Homepage & Bing Search Engine
Deleted bopakagnckmlgajfccecajhnimjiiedh
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8036 octets] - [27/01/2020 22:09:12]
AdwCleaner[S01].txt - [8177 octets] - [01/02/2020 13:26:19]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2020
# Duration: 00:00:41
# OS: Windows 7 Home Premium
# Cleaned: 63
# Failed: 3
***** [ Services ] *****
Deleted GPCWValidator
Deleted LavasoftTcpService
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files\System Care
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG_UPDATE_1214TB
Deleted C:\ProgramData\GPCWValidator
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\globalpcworks.com
Deleted C:\Users\PORTABLE\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\PORTABLE\AppData\Roaming\cacaoweb
Deleted C:\Users\PORTABLE\AppData\Roaming\globalpcworks.com
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Not Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\appverifier.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\SYSTEM CARE_LOGON
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\cacaoweb
Deleted HKCU\Software\globalpcworks.com
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9AFD96C-C727-460F-BF26-7B85E0189CAF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Care_Logon
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{40745F84-C8A4-415C-8B95-82045AF35A9E}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9FFD42FB-EF3E-46CF-8CE8-F471840F09F4}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{49EF16B8-6B37-4A07-97FB-FDACF229F46A}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AFA0D180-88DE-4B2E-97F0-48A7C67275BF}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\GPCWValidatorService
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted HKLM\Software\globalpcworks.com
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\GPCWValidator
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
Deleted MSN Homepage & Bing Search Engine
Deleted bopakagnckmlgajfccecajhnimjiiedh
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8036 octets] - [27/01/2020 22:09:12]
AdwCleaner[S01].txt - [8177 octets] - [01/02/2020 13:26:19]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########