# ------------------------------- # Malwarebytes AdwCleaner 8.0.9.1 # ------------------------------- # Build: 01-20-2021 # Database: 2021-01-26.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-29-2021 # Duration: 00:00:38 # OS: Windows 10 Home # Cleaned: 90 # Awaiting reboot:1 # Failed: 4 ***** [ Services ] ***** Deleted FlightSearch_foService Deleted SAntivirusIC Deleted SAntivirusSvc ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Chromium Deleted C:\Program Files (x86)\FlightSearch_fo Deleted C:\Program Files (x86)\PremierOpinion Deleted C:\Program Files\WebDiscoverBrowser Deleted C:\Program Files\WinZip Driver Updater Deleted C:\Users\max\AppData\LocalLow\FlightSearch_fo Deleted C:\Users\max\AppData\Local\FlightSearch_fo Deleted C:\Users\max\AppData\Local\WebDiscoverBrowser Deleted C:\Users\max\AppData\Roaming\santivirusclient Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\WebDiscoverBrowser Needs Reboot C:\Program Files (x86)\Digital Communications Not Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus Not Deleted C:\ProgramData\SAntivirus ***** [ Files ] ***** Deleted C:\Users\Public\Desktop\eBay.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\WEBDISCOVER BROWSER LAUNCH TASK Deleted C:\Windows\System32\Tasks\WEBDISCOVER BROWSER UPDATE TASK ***** [ Registry ] ***** Deleted HKCU\Software\AppDataLow\Software\FlightSearch_fo Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\fr.windfinder.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\immo.trovit.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\windfinder.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\fr.windfinder.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\immo.trovit.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.fr Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ttdetect.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\windfinder.com Deleted HKCU\Software\FlightSearch_fo Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8b6c12d7-aae8-4b91-b764-af223bfe5bb3} Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{04440AB6-575C-48CA-AC19-49E71651CBF1} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A82A6A51-9D0D-4BB2-A28A-6A6ED46A3845} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A82A6A51-9D0D-4BB2-A28A-6A6ED46A3845} Deleted HKCU\Software\WebDiscoverBrowser Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97229043-9191-4D9C-9A15-C1F845840369} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{782EA69E-E8A1-43FE-9DFE-AA94A97B5609} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97229043-9191-4D9C-9A15-C1F845840369} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebDiscover Browser Launch Task Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebDiscover Browser Update Task Deleted HKLM\SOFTWARE\Microsoft\Windows\SAntivirus Deleted HKLM\Software\Classes\CLSID\{A82A6A51-9D0D-4BB2-A28A-6A6ED46A3845} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|FlightSearch EPM Support Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|WebDiscoverBrowser Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1 Deleted HKLM\Software\SegOption Deleted HKLM\Software\WebDiscoverBrowser Deleted HKLM\Software\Wow6432Node\FlightSearch_fo Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348b6fcc-21b7-4617-9d6e-b711273391db} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4db7ffb0-3344-435f-93d1-41d3d86c5363} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76a896b2-5f18-40e5-b7d9-464c279db394} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dbc08b33-69ed-4e59-b3e6-d456aa8b56b9} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea8d2af6-76b1-4e94-b6ef-cde59c041257} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FlightSearch_fobar Uninstall Internet Explorer Deleted HKLM\Software\Wow6432Node\SAntivirusProduct Deleted HKLM\Software\Wow6432Node\WebDiscoverBrowser Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{A82A6A51-9D0D-4BB2-A28A-6A6ED46A3845} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{8b6c12d7-aae8-4b91-b764-af223bfe5bb3} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{A82A6A51-9D0D-4BB2-A28A-6A6ED46A3845} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\FlightSearch_fobar Uninstall Internet Explorer Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SAntivirus Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc Deleted HKLM\System\Setup\FirstBoot\Services\FlightSearch_foService Deleted HKLM\System\Setup\FirstBoot\Services\WinZip Smart Monitor Service Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKU\.DEFAULT\Software\WebDiscoverBrowser Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKU\S-1-5-18\Software\WebDiscoverBrowser Not Deleted HKLM\Software\SAntivirus Not Deleted HKLM\Software\Wow6432Node\SAntivirus ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files (x86)\Digital Communications ************************* AdwCleaner[S00].txt - [22549 octets] - [29/01/2021 15:59:49] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########