# ------------------------------- # Malwarebytes AdwCleaner 7.2.0.0 # ------------------------------- # Build: 06-05-2018 # Database: 2018-06-15.3 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 06-18-2018 # Duration: 00:00:30 # OS: Windows 7 Home Premium # Cleaned: 63 # Failed: 2 ***** [ Services ] ***** Deleted WCAssistantService ***** [ Folders ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Deleted C:\Users\proprietaire\AppData\Roaming\driverdetails.com Deleted C:\Program Files (x86)\TotalAV Deleted C:\ProgramData\BSD\DriverHiveEngine Not Deleted C:\ProgramData\lavasoft\web companion Not Deleted C:\Program Files (x86)\lavasoft\web companion Deleted C:\Windows\System32\config\systemprofile\AppData\Local\WebBar Deleted C:\ProgramData\PCVARK Deleted C:\Program Files (x86)\Universal Driver Updater Deleted C:\ProgramData\Nico Mak Computing\WinZip Malware Protector Deleted C:\Users\proprietaire\AppData\Roaming\Nico Mak Computing\WinZip Malware Protector Deleted C:\Program Files (x86)\WinZip Malware Protector ***** [ Files ] ***** Deleted C:\Windows\System32\LavasoftTcpService64.dll Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll Deleted C:\appverifier.txt Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\Driver Updater_Logon ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{142F9F47-4205-4D55-9FB9-A97384ACB81D} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Updater_Logon Deleted HKLM\Software\Wow6432Node\BSD Deleted HKCU\Software\driverdetails.com Deleted HKLM\Software\driverdetails.com Deleted HKLM\Software\ddtdu-pr Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKLM\Software\pcv-var Deleted HKU\S-1-5-18\Software\Lavasoft\Web Companion Deleted HKU\.DEFAULT\Software\Lavasoft\Web Companion Deleted HKLM\SOFTWARE\Classes\Unknown\shell\opendlg\command|windowsfileopener.Dat Deleted HKLM\SOFTWARE\Classes\Unknown\shell\openas\command|windowsfileopener.Dat Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Universal Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\AboutUrls|Tabs Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\Software\Wow6432Node\PCVARK Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\Software\cGN0b25pY3MuY29t Deleted HKCU\Software\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR Deleted HKLM\Software\Wow6432Node\NICO MAK COMPUTING\WINZIP MALWARE PROTECTOR Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\WinZip Malware Protector ***** [ Chromium (and derivatives) ] ***** Deleted EasyPDFCombine Deleted Adaware Secure Search Deleted EasyDocMerge Deleted Search Manager Deleted Search Manager ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [6984 octets] - [18/06/2018 22:14:13] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########