# ------------------------------- # Malwarebytes AdwCleaner 8.3.2.0 # ------------------------------- # Build: 03-23-2022 # Database: 2022-06-24.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-17-2022 # Duration: 00:00:44 # OS: Windows 10 Home # Cleaned: 128 # Failed: 0 ***** [ Services ] ***** Deleted LavasoftTcpService ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Lavasoft\Web Companion Deleted C:\Program Files (x86)\SupTab Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion Deleted C:\ProgramData\IePluginServices Deleted C:\ProgramData\Lavasoft\Web Companion Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion Deleted C:\ProgramData\WindowsMangerProtect Deleted C:\Users\Mélaine\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG Deleted C:\Users\Mélaine\AppData\Roaming\Lavasoft\Web Companion Deleted C:\Users\Mélaine\AppData\Roaming\Systweak Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService ***** [ Files ] ***** Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll Deleted C:\Windows\System32\LavasoftTcpService64.dll ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\downspeedtest.dl.tb.ask.com Deleted HKCU\Software\APN PIP Deleted HKCU\Software\AppDataLow\Software\Compete Deleted HKCU\Software\Ecommfactory Deleted HKCU\Software\InstallCore Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKCU\Software\PRODUCTSETUP Deleted HKCU\Software\REG\CLEAN\pro Deleted HKCU\Software\Reg\Clean Deleted HKCU\Software\SupHpUISoft Deleted HKCU\Software\TeleCharger Deleted HKCU\Software\systweak Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} Deleted HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Deleted HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Deleted HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController.1 Deleted HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05a53315-2cba-40d9-8d75-36f868758b7e}|DisplayIcon Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05a53315-2cba-40d9-8d75-36f868758b7e}|DisplayName Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05a53315-2cba-40d9-8d75-36f868758b7e}|UninstallString Deleted HKLM\Software\Wow6432Node\REG\CLEAN\pro Deleted HKLM\Software\Wow6432Node\Reg\Clean Deleted HKLM\Software\Wow6432Node\SupTab Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect Deleted HKLM\Software\Wow6432Node\supWPM Deleted HKLM\Software\Wow6432Node\supWindowsMangerProtect Deleted HKLM\Software\Wow6432Node\sweet-pageSoftware Deleted HKLM\Software\Wow6432Node\systweak Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\IePluginServices Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect Deleted HKLM\System\Setup\FirstBoot\Services\LavasoftTcpService Deleted HKU\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\WebCompanionInstaller.exe Deleted HKU\S-1-5-18\Software\Microsoft\.NETFramework\SQM\Apps\WebCompanionInstaller.exe ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3D9CB654-99AD-4301-89C6-0D12A790767C} Deleted Preinstalled.GatewayDeviceFast-lane Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7} Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F24089C5-A2D2-4993-9541-752DC8823E07} Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96282C0E-251D-4E36-9131-B578B70509DF} Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F24089C5-A2D2-4993-9541-752DC8823E07} Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ALU Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ALUAgent Deleted Preinstalled.GatewayLiveUpdater Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} Deleted Preinstalled.GatewayLiveUpdater Task C:\Windows\System32\Tasks\ALU Deleted Preinstalled.GatewayLiveUpdater Task C:\Windows\System32\Tasks\ALUAGENT Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4BCC74-39BF-478F-83C0-4FEBCD1EAAF2} Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Deleted Preinstalled.PackardBellDeviceFast-lane Folder C:\Program Files\PACKARD BELL\PACKARD BELL DEVICE FAST-LANE Deleted Preinstalled.PackardBellPowerManagement Folder C:\Program Files\PACKARD BELL\PACKARD BELL POWER MANAGEMENT Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479} Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - packardbell.lnk Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3 Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\DELICIOUS EMILYS CHILDHOOD MEMORIES PREMIUM EDITION Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3 Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TALES OF LAGOONA Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [14913 octets] - [17/07/2022 18:22:54] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########