# ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2018-12-19.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-21-2018 # Duration: 00:00:04 # OS: Windows 8.1 # Cleaned: 26 # Failed: 0 ***** [ Services ] ***** Deleted LavasoftTcpService ***** [ Folders ] ***** Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc Deleted C:\Program Files (x86)\Multitimer Deleted C:\Users\Public\Pokki Deleted C:\Program Files (x86)\ProxyGate Deleted C:\Users\Faf et Coco\AppData\Roaming\WidModule ***** [ Files ] ***** Deleted C:\Users\Faf et Coco\AppData\Roaming\Mozilla\Firefox\Profiles\14rzp6mb.default-1429360347342\invalidprefs.js Deleted C:\Windows\System32\LavasoftTcpService64.dll Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted System Table ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [3673 octets] - [21/12/2018 11:18:49] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########