# AdwCleaner v6.021 - Logfile created 15/10/2016 at 17:27:09 # Updated on 06/10/2016 by ToolsLib # Database : 2016-10-14.1 [Server] # Operating System : Windows 8.1 Single Language (X64) # Username : Axlykajill04 - AXLYKAJILL # Running from : C:\Users\Axlykajill04\Downloads\adwcleaner_6.021.exe # Mode: Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** Service Found: WtuSystemSupport Service Found: Update service ***** [ Folders ] ***** Folder Found: C:\ProgramData\{8d64dd32-4e8d-30f9-8d64-4dd324e874c9} Folder Found: C:\Users\Axlykajill04\AppData\Local\avg web tuneup Folder Found: C:\Users\Axlykajill04\AppData\Roaming\RPEng Folder Found: C:\Users\Axlykajill04\AppData\Roaming\lavasoft\web companion Folder Found: C:\Program Files\avg web tuneup Folder Found: C:\Program Files\Common Files\AVG Secure Search Folder Found: C:\ProgramData\AVG Secure Search Folder Found: C:\ProgramData\AVG Security Toolbar Folder Found: C:\ProgramData\avg web tuneup Folder Found: C:\ProgramData\lavasoft\web companion Folder Found: C:\ProgramData\Application Data\AVG Secure Search Folder Found: C:\ProgramData\Application Data\AVG Security Toolbar Folder Found: C:\ProgramData\Application Data\avg web tuneup Folder Found: C:\ProgramData\Application Data\lavasoft\web companion Folder Found: C:\Program Files (x86)\avg web tuneup Folder Found: C:\Program Files (x86)\lavasoft\web companion Folder Found: C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found: C:\Users\Axlykajill04\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn ***** [ Files ] ***** File Found: C:\WINDOWS\SysNative\LavasoftTcpService64.dll File Found: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini File Found: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll File Found: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini File Found: C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\searchplugins\avg-secure-search.xml ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1 Key Found: HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} Key Found: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Found: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Key Found: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Key Found: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Key Found: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Key Found: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Key Found: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Key Found: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Key Found: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Key Found: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Key Found: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Key Found: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Key Found: HKU\S-1-5-21-1995861311-3636309898-3167673773-1001\Software\WEBAPP Key Found: HKCU\Software\WEBAPP Key Found: HKLM\SOFTWARE\AVG Tuneup Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion Key Found: [x64] HKCU\Software\WEBAPP Key Found: [x64] HKLM\SOFTWARE\AVG Secure Search Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/t5/Help-Web-Player/bd-p/WebPlayer Key Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/t5/Help-Web-Player/bd-p/WebPlayer Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\imesh.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\searchassist.net Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.imesh.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.searchassist.net Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\imesh.com Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\searchassist.net Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.imesh.com Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.searchassist.net Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt] Value Found: HKU\S-1-5-21-1995861311-3636309898-3167673773-1001\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion] Value Found: HKU\S-1-5-21-1995861311-3636309898-3167673773-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion] Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion] Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion] Key Found: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Key Found: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found: HKLM\SOFTWARE\Classes\s Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Key Found: HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn ***** [ Web browsers ] ***** Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "browser.search.hiddenOneOffs" - "AVG Secure Search,Bing,Yahoo" Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "extensions.6gzEwZ3Ta7khdz7W.scode" - "(function(){try{if(window.location.href.indexOf(\"rjC9qja5qdrErTY5pj Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "extensions.toolbar.mindspark._dzMembers_.lastActivePing" - "1455186953918" Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "extensions.toolbar.mindspark._gtMembers_.lastActivePing" - "1440809763300" Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "extensions.toolbar.mindspark.hp.enabled" - false Firefox pref Found: [C:\Users\Axlykajill04\AppData\Roaming\Mozilla\Firefox\Profiles\3u032o1y.default\prefs.js] - "extensions.toolbar.mindspark.lastInstalled" - "pconverter@mindspark.com" Chrome pref Found: [C:\Users\Axlykajill04\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [12096 Bytes] - [15/10/2016 17:22:32] C:\AdwCleaner\AdwCleaner[S1].txt - [11868 Bytes] - [15/10/2016 17:27:09] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [11942 Bytes] ##########