Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Adware.1Clickdownload in der Registrydatei

Adware.1Clickdownload in der Registrydatei


Log-Analyse und Auswertung: Adware.1Clickdownload in der Registrydatei

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 24.12.2016, 16:41   #3
hansreit
 
Adware.1Clickdownload in der Registrydatei - Standard

Adware.1Clickdownload in der Registrydatei


Zitat:
Zitat von hansreit Beitrag anzeigen
Ich hatte in letzter Zeit oefters Probleme mit meinem Norton Antivirus, indem ich kurz nach einem Virusdaten Update nochmals ein Update gefahren bin. Jedesmal sah ich grosse Update Dateiemn von ueber 30 mbs. Ich fand das beunruhigend. Habe danach ein zweites Virenscanner Programm benutzt. Waehrend der Scan ist die Software wiederholt an einigen Stellen (file scans haengengeblieben.

Waehrend der (ongoing scans ) wurden 5 Malware Programme auf der Registry angezeigt.

Ich konnte auch keinen normalen scan fertigstellen. die blieben immer haengen.

Habe dann auch Windows defender versucht, der aber die Malware nicht angezeigt hatte.

Ein Screenshot der (during scan) Malwareanzeigen ist angeheftet.
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-23.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Hans - HP
# Running from : C:\Users\Hans\Downloads\AdwCleaner_6.041.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: swdumon


***** [ Folders ] *****

Folder Found: C:\Users\Hans\AppData\Local\PackageAware
Folder Found: C:\Users\Hans\AppData\Local\slimware utilities inc
Folder Found: C:\Users\Hans\AppData\Local\WhiteListing
Folder Found: C:\Users\Hans\AppData\Local\SlimWare Utilities Inc
Folder Found: C:\Users\Hans\AppData\LocalLow\HPAppData
Folder Found: C:\Users\Hans\AppData\LocalLow\Inbox Toolbar
Folder Found: C:\Users\Hans\AppData\LocalLow\Yahoo!\Companion
Folder Found: C:\Users\Marbella\AppData\LocalLow\AVG Secure Search
Folder Found: C:\Program Files\Common Files\Goobzo
Folder Found: C:\ProgramData\SearchModule
Folder Found: C:\ProgramData\Viewpoint
Folder Found: C:\ProgramData\Application Data\SearchModule
Folder Found: C:\ProgramData\Application Data\Viewpoint
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Found: C:\Users\Public\Documents\Downloaded Installers
Folder Found: C:\Program Files (x86)\Conduit
Folder Found: C:\Program Files (x86)\driverupdate
Folder Found: C:\Program Files (x86)\I Want This
Folder Found: C:\Program Files (x86)\Viewpoint
Folder Found: C:\Program Files (x86)\CompuClever
Folder Found: C:\Program Files (x86)\DriverUpdate
Folder Found: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
Folder Found: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
Folder Found: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Files ] *****

File Found: C:\Users\Marbella\Desktop\YouTube Accelerator.lnk
File Found: C:\Windows\SysNative\drivers\swdumon.sys
File Found: C:\Users\Public\Desktop\eBay.lnk
File Found: C:\ProgramData\uninstaller.exe
File Found: C:\ProgramData\Application Data\uninstaller.exe
File Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\invalidprefs.js
File Found: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\searchplugins\bingp.xml
File Found: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
File Found: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage-journal


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

Shortcut infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Help.lnk ( /showurl hxxp://toolbar.inbox.com/faq.aspx )
Shortcut infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Inbox.com.lnk ( /showurl hxxp://www.inbox.com/homepage.aspx?tbid=80114&iwk=253&lng=en )
Shortcut infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Settings.lnk ( /showurl hxxp://toolbar.inbox.com/settings/settings.aspx?lng=en )


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Key Found: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Key Found: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Key Found: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found: HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
Key Found: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
Key Found: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
Key Found: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found: HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found: HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found: HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found: HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found: HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
Key Found: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found: HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found: HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found: HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found: HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Found: HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found: HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found: HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found: HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found: HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found: HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found: HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Key Found: HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found: HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found: HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found: HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found: HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found: HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Key Found: HKU\.DEFAULT\Software\Yahoo\Companion
Key Found: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522216\Software\Yahoo\Companion
Key Found: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531436\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Conduit
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\dsiteproducts
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Inbox Toolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\SlimWare Utilities Inc
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\speedypc software
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\wecarereminder
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\YFriendsBar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\YahooPartnerToolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Crossrider
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Mp3Tube
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Conduit
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\dsiteproducts
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Inbox Toolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\SlimWare Utilities Inc
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\speedypc software
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\wecarereminder
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Yahoo\YFriendsBar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\YahooPartnerToolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Crossrider
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Mp3Tube
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Conduit
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\dsiteproducts
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Inbox Toolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\SlimWare Utilities Inc
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\speedypc software
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\wecarereminder
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Yahoo\YFriendsBar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\YahooPartnerToolbar
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Crossrider
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Mp3Tube
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found: HKU\S-1-5-18\Software\Yahoo\Companion
Key Found: HKCU\Software\Conduit
Key Found: HKCU\Software\dsiteproducts
Key Found: HKCU\Software\Inbox Toolbar
Key Found: HKCU\Software\SlimWare Utilities Inc
Key Found: HKCU\Software\speedypc software
Key Found: HKCU\Software\wecarereminder
Key Found: HKCU\Software\Yahoo\Companion
Key Found: HKCU\Software\Yahoo\YFriendsBar
Key Found: HKCU\Software\YahooPartnerToolbar
Key Found: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKCU\Software\AppDataLow\Software\Crossrider
Key Found: HKCU\Software\AppDataLow\Software\Mp3Tube
Key Found: HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
Key Found: HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found: HKLM\SOFTWARE\AVG Security Toolbar
Key Found: HKLM\SOFTWARE\CompeteInc
Key Found: HKLM\SOFTWARE\Inbox Toolbar
Key Found: HKLM\SOFTWARE\MetaStream
Key Found: HKLM\SOFTWARE\SlimWare Utilities Inc
Key Found: HKLM\SOFTWARE\speedypc software
Key Found: HKLM\SOFTWARE\Viewpoint
Key Found: HKLM\SOFTWARE\Yahoo\Companion
Key Found: HKLM\SOFTWARE\systweak
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
Key Found: [x64] HKCU\Software\Conduit
Key Found: [x64] HKCU\Software\dsiteproducts
Key Found: [x64] HKCU\Software\Inbox Toolbar
Key Found: [x64] HKCU\Software\SlimWare Utilities Inc
Key Found: [x64] HKCU\Software\speedypc software
Key Found: [x64] HKCU\Software\wecarereminder
Key Found: [x64] HKCU\Software\Yahoo\Companion
Key Found: [x64] HKCU\Software\Yahoo\YFriendsBar
Key Found: [x64] HKCU\Software\YahooPartnerToolbar
Key Found: [x64] HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found: [x64] HKCU\Software\AppDataLow\Software\Crossrider
Key Found: [x64] HKCU\Software\AppDataLow\Software\Mp3Tube
Key Found: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found: [x64] HKLM\SOFTWARE\SearchModule
Key Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Data Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
Data Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://toolbar.inbox.com/search/dispa
Data Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://toolbar.inbox.com/search/dispa
Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80364&lng=en
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] - hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80364
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01703C75-A7B5-4A8A-BE14-65262C860195}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - Safe\FastAndSafe_x64.dll
Key Found: HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found: HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found: HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found: HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\inbox
Key Found: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found: HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Key Found: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Key Found: HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Found: HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "avg.install.extHomepage" - "hxxp://isearch.avg.com?pid=avg&sg=0&cid=%7Be98b0444-f66e-4d5e-b1b7-288909dd5639%7D&mid
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "avg.install.installDirPath" - "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.1.0.443"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "avg.userPreferences.URLBarFocus.whiteList" - "bing\\.com google\\.\\w+ yahoo\\.\\w+ gmail\\.\\w+ hotmail\\.\\w+ li
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.crossrider.bic" - "1398d211988ed465331b1100ef487877"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.aflt" - "axl"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.autoRvrt" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.cntry" - "DE"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.cv" - "cv5"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.dfltLng" - ""
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.dfltSrch" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.dnsErr" - true
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.envrmnt" - "production"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.excTlbr" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.hdrMd5" - "89307C2ED2A19BCBB7F870A65AF1D948"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.hmpg" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.hmpgUrl" - "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0F0C0
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.id" - "1C659DFCCA6B6F72"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.instlDay" - "15549"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.instlRef" - "axl"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.isdcmntcmplt" - true
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.lastVrsnTs" - "1.5.23.2210:34:49"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.mntrvrsn" - "1.3.0"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.newTab" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.newTabUrl" - "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0F0
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.pnu_base" - "{\"newVrsn\":\"259\",\"lastVrsn\":\"259\",\"vrsnLoad\":\"\",\"showMsg\":\"false\"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.prdct" - "funmoods"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.prtnrId" - "funmoods"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.sg" - "none"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.smplGrp" - "none"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.srchPrvdr" - "Search"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.tlbrId" - "base"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.tlbrSrchUrl" - "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.vrsn" - "1.5.23.22"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.vrsnTs" - "1.5.23.2210:34:49"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods.vrsni" - "1.5.23.22"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods_i.newTab" - false
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods_i.smplGrp" - "none"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.funmoods_i.vrsnTs" - "1.5.23.2210:34:49"
Firefox pref Found: [C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\prefs.js] - "extensions.wecarereminder.merchHash" - "{\"AFFILIATES\":{\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\"autor
Firefox pref Found: [C:\Users\Marbella\AppData\Roaming\Mozilla\Firefox\Profiles\r9sh7yhe.default\prefs.js] - "avg.install.installDirPath" - "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.5.0.2"
Firefox pref Found: [C:\Users\Marbella\AppData\Roaming\Mozilla\Firefox\Profiles\r9sh7yhe.default\prefs.js] - "avg.userPreferences.URLBarFocus.whiteList" - "bing\\.com google\\.\\w+ yahoo\\.\\w+ gmail\\.\\w+ hotmail\\.\\w
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.conduit.com
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - inbox.com
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - trovi.search
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] - www-search.net
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - bbjciahceamgodcoidkjpchnokgfpphh
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - booedmolknjekdopkepjjeckmjkdpfgl
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - flpcjncodpafbgdpnkljologafpionhb
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - ndibdjnfmopecpmkdieinmbadjfpblof
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - ojhagnahfpegocdhlopgljpaafeogmcc
Chrome pref Found: [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www-search.net/?s=E59wlim0,e526baa3-d7d6-4508-9117-bb75c30553a2,
Chrome pref Found: [C:\Users\Marbella\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Marbella\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [39850 Bytes] - [24/12/2016 14:15:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39924 Bytes] ########### Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-23.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Hans - HP
# Running from : C:\Users\Hans\Downloads\AdwCleaner_6.041.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: swdumon


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Hans\AppData\Local\PackageAware
[-] Folder deleted: C:\Users\Hans\AppData\Local\slimware utilities inc
[-] Folder deleted: C:\Users\Hans\AppData\Local\WhiteListing
[#] Folder deleted on reboot: C:\Users\Hans\AppData\Local\SlimWare Utilities Inc
[-] Folder deleted: C:\Users\Hans\AppData\LocalLow\HPAppData
[-] Folder deleted: C:\Users\Hans\AppData\LocalLow\Inbox Toolbar
[-] Folder deleted: C:\Users\Hans\AppData\LocalLow\Yahoo!\Companion
[-] Folder deleted: C:\Users\Marbella\AppData\LocalLow\AVG Secure Search
[-] Folder deleted: C:\Program Files\Common Files\Goobzo
[-] Folder deleted: C:\ProgramData\SearchModule
[-] Folder deleted: C:\ProgramData\Viewpoint
[#] Folder deleted on reboot: C:\ProgramData\Application Data\SearchModule
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Viewpoint
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
[-] Folder deleted: C:\Program Files (x86)\Conduit
[-] Folder deleted: C:\Program Files (x86)\driverupdate
[-] Folder deleted: C:\Program Files (x86)\I Want This
[-] Folder deleted: C:\Program Files (x86)\Viewpoint
[-] Folder deleted: C:\Program Files (x86)\CompuClever
[#] Folder deleted on reboot: C:\Program Files (x86)\DriverUpdate
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
[-] Folder deleted: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Files ] *****

[-] File deleted: C:\Users\Marbella\Desktop\YouTube Accelerator.lnk
[-] File deleted: C:\Windows\SysNative\drivers\swdumon.sys
[-] File deleted: C:\Users\Public\Desktop\eBay.lnk
[-] File deleted: C:\ProgramData\uninstaller.exe
[#] File deleted: C:\ProgramData\Application Data\uninstaller.exe
[-] File deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[-] File deleted: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\invalidprefs.js
[-] File deleted: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\03h04r0h.default\searchplugins\bingp.xml
[-] File deleted: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
[-] File deleted: C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****

[!] Shortcut not deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Help.lnk
[!] Shortcut not deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Inbox.com.lnk
[!] Shortcut not deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Settings.lnk


***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
[-] Key deleted: HKU\.DEFAULT\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522216\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531436\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\dsiteproducts
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Inbox Toolbar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\speedypc software
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\wecarereminder
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\YFriendsBar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\YahooPartnerToolbar
[#] Key deleted on reboot: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Crossrider
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Mp3Tube
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\dsiteproducts
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Inbox Toolbar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\speedypc software
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\wecarereminder
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Yahoo\YFriendsBar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\YahooPartnerToolbar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Crossrider
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Mp3Tube
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\dsiteproducts
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Inbox Toolbar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\speedypc software
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\wecarereminder
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Yahoo\YFriendsBar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\YahooPartnerToolbar
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Crossrider
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Mp3Tube
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
[#] Key deleted on reboot: HKU\S-1-5-18\Software\Yahoo\Companion
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\dsiteproducts
[#] Key deleted on reboot: HKCU\Software\Inbox Toolbar
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: HKCU\Software\speedypc software
[#] Key deleted on reboot: HKCU\Software\wecarereminder
[#] Key deleted on reboot: HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: HKCU\Software\Yahoo\YFriendsBar
[#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Crossrider
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Mp3Tube
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key deleted: HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key deleted: HKLM\SOFTWARE\AVG Security Toolbar
[-] Key deleted: HKLM\SOFTWARE\CompeteInc
[-] Key deleted: HKLM\SOFTWARE\Inbox Toolbar
[-] Key deleted: HKLM\SOFTWARE\MetaStream
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\speedypc software
[-] Key deleted: HKLM\SOFTWARE\Viewpoint
[-] Key deleted: HKLM\SOFTWARE\Yahoo\Companion
[-] Key deleted: HKLM\SOFTWARE\systweak
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1318442368-710658752-766906897-1000\Software\Yahoo\Companion
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\dsiteproducts
[#] Key deleted on reboot: [x64] HKCU\Software\Inbox Toolbar
[#] Key deleted on reboot: [x64] HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: [x64] HKCU\Software\speedypc software
[#] Key deleted on reboot: [x64] HKCU\Software\wecarereminder
[#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\YFriendsBar
[#] Key deleted on reboot: [x64] HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Crossrider
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Mp3Tube
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: [x64] HKLM\SOFTWARE\SearchModule
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
[-] Data restored: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132522352\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[-] Key deleted: HKU\S-1-5-21-1318442368-710658752-766906897-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016132531802\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01703C75-A7B5-4A8A-BE14-65262C860195}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{55512205-CAB4-4644-8414-D4389B1F6324}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C4B41B3B-7C64-4E54-84D8-443E039042DC}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] C:\PROGRA~3\Fast And
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\inbox
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\inbox
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "avg.install.extHomepage" - "hxxp://isearch.avg.com?pid=avg&sg=0&cid=%7Be98b0444-f66e-4d5e-b1b7-288909dd5639%7D&mid=2343eed3cec047d0b83ad14acce4e9e6-0ed8f22e15968ba224004fb8ab3114a5b5cd84b2&ds=ft011&coid=&cmpid=&v=18.1.0.443&lang=en&pr=sa&d=2012-07-28%2010%3A39%3A50&sap=hp"
[-] Chrome preferences cleaned: "avg.install.installDirPath" - "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.1.0.443"
[-] Chrome preferences cleaned: "avg.userPreferences.URLBarFocus.whiteList" - "bing\\.com google\\.\\w+ yahoo\\.\\w+ gmail\\.\\w+ hotmail\\.\\w+ live\\.\\w+ isearch\\.avg\\.com mysearch\\.avg\\.com"
[-] Chrome preferences cleaned: "extensions.crossrider.bic" - "1398d211988ed465331b1100ef487877"
[-] Chrome preferences cleaned: "extensions.funmoods.aflt" - "axl"
[-] Chrome preferences cleaned: "extensions.funmoods.autoRvrt" - false
[-] Chrome preferences cleaned: "extensions.funmoods.cntry" - "DE"
[-] Chrome preferences cleaned: "extensions.funmoods.cv" - "cv5"
[-] Chrome preferences cleaned: "extensions.funmoods.dfltLng" - ""
[-] Chrome preferences cleaned: "extensions.funmoods.dfltSrch" - false
[-] Chrome preferences cleaned: "extensions.funmoods.dnsErr" - true
[-] Chrome preferences cleaned: "extensions.funmoods.envrmnt" - "production"
[-] Chrome preferences cleaned: "extensions.funmoods.excTlbr" - false
[-] Chrome preferences cleaned: "extensions.funmoods.hdrMd5" - "89307C2ED2A19BCBB7F870A65AF1D948"
[-] Chrome preferences cleaned: "extensions.funmoods.hmpg" - false
[-] Chrome preferences cleaned: "extensions.funmoods.hmpgUrl" - "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0F0C0C0AyC0ByC0FyBtBtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=950884659"
[-] Chrome preferences cleaned: "extensions.funmoods.id" - "1C659DFCCA6B6F72"
[-] Chrome preferences cleaned: "extensions.funmoods.instlDay" - "15549"
[-] Chrome preferences cleaned: "extensions.funmoods.instlRef" - "axl"
[-] Chrome preferences cleaned: "extensions.funmoods.isdcmntcmplt" - true
[-] Chrome preferences cleaned: "extensions.funmoods.lastVrsnTs" - "1.5.23.2210:34:49"
[-] Chrome preferences cleaned: "extensions.funmoods.mntrvrsn" - "1.3.0"
[-] Chrome preferences cleaned: "extensions.funmoods.newTab" - false
[-] Chrome preferences cleaned: "extensions.funmoods.newTabUrl" - "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0F0C0C0AyC0ByC0FyBtBtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=950884659"
[-] Chrome preferences cleaned: "extensions.funmoods.pnu_base" - "{\"newVrsn\":\"259\",\"lastVrsn\":\"259\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}"
[-] Chrome preferences cleaned: "extensions.funmoods.prdct" - "funmoods"
[-] Chrome preferences cleaned: "extensions.funmoods.prtnrId" - "funmoods"
[-] Chrome preferences cleaned: "extensions.funmoods.sg" - "none"
[-] Chrome preferences cleaned: "extensions.funmoods.smplGrp" - "none"
[-] Chrome preferences cleaned: "extensions.funmoods.srchPrvdr" - "Search"
[-] Chrome preferences cleaned: "extensions.funmoods.tlbrId" - "base"
[-] Chrome preferences cleaned: "extensions.funmoods.tlbrSrchUrl" - "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutC0CyCyDzy0D0F0C0C0AyC0ByC0FyBtBtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=950884659&q="
[-] Chrome preferences cleaned: "extensions.funmoods.vrsn" - "1.5.23.22"
[-] Chrome preferences cleaned: "extensions.funmoods.vrsnTs" - "1.5.23.2210:34:49"
[-] Chrome preferences cleaned: "extensions.funmoods.vrsni" - "1.5.23.22"
[-] Chrome preferences cleaned: "extensions.funmoods_i.newTab" - false
[-] Chrome preferences cleaned: "extensions.funmoods_i.smplGrp" - "none"
[-] Chrome preferences cleaned: "extensions.funmoods_i.vrsnTs" - "1.5.23.2210:34:49"
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "avg.install.installDirPath" - "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.5.0.2"
[-] Chrome preferences cleaned: "avg.userPreferences.URLBarFocus.whiteList" - "bing\\.com google\\.\\w+ yahoo\\.\\w+ gmail\\.\\w+ hotmail\\.\\w+ live\\.\\w+ isearch\\.avg\\.com mysearch\\.avg\\.com"
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: inbox.com
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: trovi.search
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www-search.net
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bbjciahceamgodcoidkjpchnokgfpphh
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ndibdjnfmopecpmkdieinmbadjfpblof
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ojhagnahfpegocdhlopgljpaafeogmcc
[-] [C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www-search.net/?s=E59wlim0,e526baa3-d7d6-4508-9117-bb75c30553a2,
[-] [C:\Users\Marbella\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Marbella\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: Proxy settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [38889 Bytes] - [24/12/2016 14:22:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [40184 Bytes] - [24/12/2016 14:15:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [39037 Bytes] ##########
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v6.041 - Logfile created 24/12/2016 at 15:11:44
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-23.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Hans - HP
# Running from : C:\Users\Hans\Downloads\AdwCleaner_6.041(1).exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [39297 Bytes] - [24/12/2016 14:22:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [40184 Bytes] - [24/12/2016 14:15:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [1155 Bytes] - [24/12/2016 15:11:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1228 Bytes] ##########
--- --- ---


Vielen Dank fuer Deine Hilfe Juergen.

vielen Dank nochmals Jürgen.

Ich werde eine 25 Euro Spende an den Board schicken!
__________________
 

Themen zu Adware.1Clickdownload in der Registrydatei
adware.1clickdownload, hangup waehrend der durchsuchung, registry


« Avira: Mehrere Trojaner in Quarantäne -> Was nun? | Malwarebytes - Analyse »


Ähnliche Themen: Adware.1Clickdownload in der Registrydatei


  1. AVIRA EU Cleaner findet TR/Crypt.Xpack400358 und 417413 sowie ADWARE/Adware.Gen
    Plagegeister aller Art und deren Bekämpfung - 22.01.2016 (15)
  2. Adware eingefangen! Sämtliche Viren/Adware-Scanner finden nichts.
    Log-Analyse und Auswertung - 23.03.2015 (18)
  3. Windows 8.1:Variant.Adware.Graftor.159320+Adware.Generic.1133960-Virenbefall?
    Log-Analyse und Auswertung - 13.01.2015 (32)
  4. Adware.Gen7 - Adware/Cherished.oia - Adware/InstallCore.Gen9 - TR/Trash.Gen bei Antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (13)
  5. Adware/Adware.gen von Antivir gefunden - Forsetzung-Thread wegen Noscript und WOT
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (16)
  6. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  7. eBay-Fake eMail mit ZIP Anhang gespeichert, Windows 7- Avira: Enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 29.08.2014 (17)
  8. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  9. adware/browsefox.dac.1 (wie lässt sich diese lästige Adware entfernen?)
    Log-Analyse und Auswertung - 21.02.2014 (13)
  10. ADWARE/Adware.Gen2 8x gefunden: Schadsoftware? Dann ständig Farbfehler usw.
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (7)
  11. Antivir findet 3 infizierte Dateien 'EXP/Pidief.ej ; 'EXP/Java.HLP.A.1197; ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 09.08.2013 (9)
  12. APPL/Downloader.Gen6 [program] & ADWARE/InstallCore.DA.19 [adware] Infektion
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (7)
  13. ADWARE/InstallCore.Gen, ADWARE/Yontoo.Gen und ADWARE/InstallCore.E von AVIRA gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  14. Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6
    Log-Analyse und Auswertung - 03.01.2013 (19)
  15. USB-Stick enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Plagegeister aller Art und deren Bekämpfung - 29.07.2012 (25)
  16. Testbundle23w_1254[1].exe enthält Erkennungsmuster der Adware ADWARE/Adware.GEN
    Plagegeister aller Art und deren Bekämpfung - 22.04.2012 (5)
  17. PC von Adware.Agent.ZGen, Adware.ClickPotato, Adware.ShopperReports, Adware.Hotbar, Adwa angegriffen
    Mülltonne - 30.06.2011 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Adware.1Clickdownload in der Registrydatei - Zitat: Zitat von hansreit Ich hatte in letzter Zeit oefters Probleme mit meinem Norton Antivirus, indem ich kurz nach einem Virusdaten Update nochmals ein Update gefahren bin. Jedesmal sah ich - Adware.1Clickdownload in der Registrydatei...
Archiv
Du betrachtest: Adware.1Clickdownload in der Registrydatei auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132