Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
how can remove tradeadexchange browser hijacker
Message
<blockquote data-quote="javadth" data-source="post: 659344" data-attributes="member: 64921"><p>this is a log from AdwCleaner 7.0.1.0</p><p></p><p></p><p>[SPOILER="log"]</p><p># AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 06 09:30:23 2017</p><p># Updated on 2017/05/08 by Malwarebytes</p><p># Running on Windows 10 Enterprise (X64)</p><p># Mode: clean</p><p># Support: <a href="https://www.malwarebytes.com/support" target="_blank">Customer Support & Help Center</a></p><p></p><p>***** [ Services ] *****</p><p></p><p>No malicious services deleted.</p><p></p><p>***** [ Folders ] *****</p><p></p><p>Deleted: C:\Users\javad\AppData\LocalLow\IObit\Advanced SystemCare</p><p>Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup</p><p>Deleted: C:\Program Files (x86)\Disk Speedup</p><p>Deleted: C:\Users\javad\AppData\Roaming\ProgSense</p><p>Deleted: C:\Users\javad\AppData\Local\DriverToolkit</p><p>Deleted: C:\Users\javad\AppData\Roaming\GrabPro</p><p>Deleted: C:\ProgramData\Uniblue</p><p>Deleted: C:\ProgramData\Application Data\Uniblue</p><p>Deleted: C:\Program Files (x86)\Uniblue</p><p>Deleted: C:\Users\All Users\Uniblue</p><p>Deleted: C:\Program Files (x86)\lavasoft\web companion</p><p>Deleted: C:\ProgramData\IObit\ASCDownloader</p><p>Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader</p><p>Deleted: C:\Users\All Users\IObit\ASCDownloader</p><p>Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService</p><p>Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService</p><p>Deleted: C:\Users\javad\AppData\Roaming\DRPSu</p><p>Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown</p><p>Deleted: C:\ProgramData\Audyssey Labs</p><p>Deleted: C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}</p><p></p><p></p><p>***** [ Files ] *****</p><p></p><p>Deleted: C:\Windows\System32\lavasofttcpservice.dll</p><p>Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll</p><p>Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini</p><p>Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini</p><p>Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini</p><p>Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll</p><p></p><p></p><p>***** [ DLL ] *****</p><p></p><p>No malicious DLLs cleaned.</p><p></p><p>***** [ WMI ] *****</p><p></p><p>No malicious WMI cleaned.</p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p>Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk[https:\\launchpage.org\?uid=oTlKGGjMhxpsXWETIi0x4Fc8s%2FzHiEGk82WwfBa2vCIDLrLjR0YewvGdFRqMcBfRzhc%3D]</p><p>Cleaned: C:\Users\Public\Desktop\Opera Browser.lnk[https:\\launchpage.org\?uid=oTlKGGjMhxpsXWETIi0x4Fc8s%2FzHiEGk82WwfBa2vCIDLrLjR0YewvGdFRqMcBfRzhc%3D]</p><p></p><p></p><p>***** [ Tasks ] *****</p><p></p><p>Deleted: DRIVERTOOLKIT AUTORUN</p><p>Deleted: DriverPack Notifier</p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\ProgSense</p><p>Deleted: [Key] - HKCU\Software\ProgSense</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\DriverToolkit</p><p>Deleted: [Key] - HKCU\Software\DriverToolkit</p><p>Deleted: [Key] - HKLM\SOFTWARE\Orbit</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Orbit</p><p>Deleted: [Key] - HKCU\Software\Orbit</p><p>Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1</p><p>Deleted: [Key] - HKLM\SOFTWARE\Uniblue</p><p>Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Lavasoft\Web Companion</p><p>Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}</p><p>Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7}</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit</p><p>Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com</p><p>Deleted: [Key] - HKLM\SOFTWARE\Reimage</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Reimage</p><p>Deleted: [Key] - HKCU\Software\Reimage</p><p>Deleted: [Key] - HKLM\SOFTWARE\WISECLEANER</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}</p><p>Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe</p><p>Deleted: [Key] - HKLM\SOFTWARE\drpsu</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\drpsu</p><p>Deleted: [Key] - HKCU\Software\drpsu</p><p>Deleted: [Key] - HKLM\SOFTWARE\systweak</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\systweak</p><p>Deleted: [Key] - HKCU\Software\systweak</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\csastats</p><p>Deleted: [Key] - HKCU\Software\csastats</p><p>Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\PRODUCTSETUP</p><p>Deleted: [Key] - HKCU\Software\PRODUCTSETUP</p><p></p><p></p><p>***** [ Firefox (and derivatives) ] *****</p><p></p><p>No malicious Firefox entries deleted.</p><p></p><p>***** [ Chromium (and derivatives) ] *****</p><p></p><p>Plugin deleted: MSN Homepage & Bing Search Engine -</p><p></p><p></p><p>*************************</p><p></p><p>::Tracing keys deleted</p><p>::Winsock settings cleared</p><p>::Additional Actions: 0</p><p></p><p></p><p></p><p>*************************</p><p></p><p>C:/AdwCleaner/AdwCleaner[S0].txt - [8505 B] - [2017/8/6 9:27:41]</p><p></p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########</p><p>[/SPOILER]</p></blockquote><p></p>
[QUOTE="javadth, post: 659344, member: 64921"] this is a log from AdwCleaner 7.0.1.0 [SPOILER="log"] # AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 06 09:30:23 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 10 Enterprise (X64) # Mode: clean # Support: [URL="https://www.malwarebytes.com/support"]Customer Support & Help Center[/URL] ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Users\javad\AppData\LocalLow\IObit\Advanced SystemCare Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Speedup Deleted: C:\Program Files (x86)\Disk Speedup Deleted: C:\Users\javad\AppData\Roaming\ProgSense Deleted: C:\Users\javad\AppData\Local\DriverToolkit Deleted: C:\Users\javad\AppData\Roaming\GrabPro Deleted: C:\ProgramData\Uniblue Deleted: C:\ProgramData\Application Data\Uniblue Deleted: C:\Program Files (x86)\Uniblue Deleted: C:\Users\All Users\Uniblue Deleted: C:\Program Files (x86)\lavasoft\web companion Deleted: C:\ProgramData\IObit\ASCDownloader Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader Deleted: C:\Users\All Users\IObit\ASCDownloader Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService Deleted: C:\Users\javad\AppData\Roaming\DRPSu Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Deleted: C:\ProgramData\Audyssey Labs Deleted: C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} ***** [ Files ] ***** Deleted: C:\Windows\System32\lavasofttcpservice.dll Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk[https:\\launchpage.org\?uid=oTlKGGjMhxpsXWETIi0x4Fc8s%2FzHiEGk82WwfBa2vCIDLrLjR0YewvGdFRqMcBfRzhc%3D] Cleaned: C:\Users\Public\Desktop\Opera Browser.lnk[https:\\launchpage.org\?uid=oTlKGGjMhxpsXWETIi0x4Fc8s%2FzHiEGk82WwfBa2vCIDLrLjR0YewvGdFRqMcBfRzhc%3D] ***** [ Tasks ] ***** Deleted: DRIVERTOOLKIT AUTORUN Deleted: DriverPack Notifier ***** [ Registry ] ***** Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\ProgSense Deleted: [Key] - HKCU\Software\ProgSense Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\DriverToolkit Deleted: [Key] - HKCU\Software\DriverToolkit Deleted: [Key] - HKLM\SOFTWARE\Orbit Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Orbit Deleted: [Key] - HKCU\Software\Orbit Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1 Deleted: [Key] - HKLM\SOFTWARE\Uniblue Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Lavasoft\Web Companion Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted: [Key] - HKLM\SOFTWARE\Reimage Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\Reimage Deleted: [Key] - HKCU\Software\Reimage Deleted: [Key] - HKLM\SOFTWARE\WISECLEANER Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe Deleted: [Key] - HKLM\SOFTWARE\drpsu Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\drpsu Deleted: [Key] - HKCU\Software\drpsu Deleted: [Key] - HKLM\SOFTWARE\systweak Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\systweak Deleted: [Key] - HKCU\Software\systweak Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\csastats Deleted: [Key] - HKCU\Software\csastats Deleted: [Key] - HKU\S-1-5-21-1791944167-172722019-4007715338-1001\Software\PRODUCTSETUP Deleted: [Key] - HKCU\Software\PRODUCTSETUP ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** Plugin deleted: MSN Homepage & Bing Search Engine - ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [8505 B] - [2017/8/6 9:27:41] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## [/SPOILER] [/QUOTE]
Insert quotes…
Verification
Post reply
Top