# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2020
# Duration: 00:00:41
# OS: Windows 7 Home Premium
# Cleaned: 63
# Failed: 3

***** [ Services ] *****

Deleted GPCWValidator
Deleted LavasoftTcpService
Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files\System Care
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG_UPDATE_1214TB
Deleted C:\ProgramData\GPCWValidator
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\globalpcworks.com
Deleted C:\Users\PORTABLE\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\PORTABLE\AppData\Roaming\cacaoweb
Deleted C:\Users\PORTABLE\AppData\Roaming\globalpcworks.com
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Not Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Not Deleted C:\ProgramData\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\appverifier.txt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SYSTEM CARE_LOGON

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\cacaoweb
Deleted HKCU\Software\globalpcworks.com
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9AFD96C-C727-460F-BF26-7B85E0189CAF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Care_Logon
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{40745F84-C8A4-415C-8B95-82045AF35A9E}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9FFD42FB-EF3E-46CF-8CE8-F471840F09F4}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{49EF16B8-6B37-4A07-97FB-FDACF229F46A}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AFA0D180-88DE-4B2E-97F0-48A7C67275BF}C:\users\portable\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\GPCWValidatorService
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{475713a2-db68-4735-965a-63b88b14ec58}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted HKLM\Software\globalpcworks.com
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\GPCWValidator
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine
Deleted bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8036 octets] - [27/01/2020 22:09:12]
AdwCleaner[S01].txt - [8177 octets] - [01/02/2020 13:26:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########