Trojaner-Board - Tojaner gefunden, E-Mail gehackt...

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Tojaner gefunden, E-Mail gehackt... (https://www.trojaner-board.de/195975-tojaner-gefunden-e-mail-gehackt.html)

Komm vergiss es. Hau weg den Schrott. Dann muss ich halt mit den FRST-Logs allein auskommen.

Wir deinstallieren dann auch anderen unnötigen oder veralteten Krempel. Das hier bitte alles deinstallieren:

Adobe Acrobat Reader DC - Deutsch
Adobe Flash Player 32 NPAPI
Bitdefender Agent
Bitdefender Internet Security
Bitdefender VPN
VLC media player
WinRAR 5.40 (32-Bit)
Yahoo! Powered

Es werden doch zur Zeit die Erpress E-Mail verbreitet... hat das was mit den Trojaner zu tun oder ist das nur eine Mail, was meinst du?

Ok, mache ich gleich. Danke

Ja du tust so als wäre das die ultimativ neue Nachricht :wtf:
Schädlinge per Mail gibt es seit mehr als 20 Jahren. Ein sehr bekannter Vertreter der Mailwürmer ist Loveletter

Nein das nicht.
Aber ich habe das E-Mail bekommen, die Polizei sagt ist nur eine E-Mail.
Aber ich habe zufällig einen Trojaner oben???

Das Yahoo! Powered lässt sich nicht deinstallieren?!

Beim Yahoo Powered reagiert das Deinstallieren gar nicht

Das zeigt keine Herausgeber, Größe, Version nix an

Hast du sonst alles deinstallieren? Wenn ja, bitte mit adwCleaner weitermachen.

adwCleaner v7.4

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

Sonst alles, Bitdefender dauert noch...

so jetzt alles so ausgeführt. PC wurde neu gestrartet

Das Yahoo ist immer noch da

wie mache ich die log Datei in Codetags

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-09-2019
# Duration: 00:00:28
# OS: Windows 10 Home
# Cleaned: 201
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverWhiz
Deleted C:\Program Files (x86)\Radio Canyon
Deleted C:\Program Files (x86)\globalUpdate
Deleted C:\Program Files\Enigma Software Group
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Deleted C:\Users\Ingo\AppData\LocalLow\Conduit
Deleted C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
Deleted C:\Users\Ingo\AppData\LocalLow\PriceGong
Deleted C:\Users\Ingo\AppData\LocalLow\Radio Canyon
Deleted C:\Users\Ingo\AppData\LocalLow\Softonic
Deleted C:\Users\Ingo\AppData\LocalLow\iac
Deleted C:\Users\Ingo\AppData\Local\Browsersafeguard
Deleted C:\Users\Ingo\AppData\Local\globalUpdate
Deleted C:\Users\Ingo\AppData\Local\iac
Deleted C:\Users\Ingo\AppData\Local\slimware utilities inc
Deleted C:\Users\Ingo\AppData\Roaming\BabSolution
Deleted C:\Users\Ingo\AppData\Roaming\OpenCandy
Deleted C:\Users\Ingo\AppData\Roaming\RHEng
Deleted C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
Deleted C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
Deleted C:\Users\Ingo\Downloads\Driverwhiz.exe
Deleted C:\Users\Ingo\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\BROWSERDEFENDERT
Deleted C:\Windows\System32\Tasks\LAUNCHSIGNUP
Deleted C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
Deleted C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
Deleted C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
Deleted C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\828ad1e639bf42
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKCU\Software\AppDataLow\Software\Crossrider
Deleted HKCU\Software\AppDataLow\Software\PriceGong
Deleted HKCU\Software\AppDataLow\Software\Radio Canyon
Deleted HKCU\Software\AppDataLow\Software\Toolbar
Deleted HKCU\Software\Carambis
Deleted HKCU\Software\DataMngr
Deleted HKCU\Software\DriverWhiz
Deleted HKCU\Software\GlobalUpdate
Deleted HKCU\Software\InstalledBrowserExtensions
Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKCU\Software\Smartbar
Deleted HKCU\Software\csastats
Deleted HKCU\Software\reimagerepair
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
Deleted HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
Deleted HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\EnigmaSoftwareGroup
Deleted HKLM\Software\InstalledBrowserExtensions
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\828ad1e639bf42
Deleted HKLM\Software\Wow6432Node\DataMngr
Deleted HKLM\Software\Wow6432Node\GlobalUpdate
Deleted HKLM\Software\Wow6432Node\InstalledBrowserExtensions
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
Deleted HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
Deleted HKLM\Software\Wow6432Node\Radio Canyon
Deleted HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\systweak
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-09-2019
# Duration: 00:00:28
# OS: Windows 10 Home
# Scanned: 35810
# Detected: 246

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.383Media C:\Program Files (x86)\DriverWhiz
PUP.Optional.383Media C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
PUP.Optional.BrowserSafeGuard C:\Users\Ingo\AppData\Local\Browsersafeguard
PUP.Optional.Conduit C:\Users\Ingo\AppData\LocalLow\Conduit
PUP.Optional.Conduit.A C:\Users\Ingo\AppData\Roaming\RHEng
PUP.Optional.CrossRider C:\Program Files (x86)\Radio Canyon
PUP.Optional.CrossRider C:\Users\Ingo\AppData\LocalLow\Radio Canyon
PUP.Optional.Legacy C:\Program Files (x86)\globalUpdate
PUP.Optional.Legacy C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
PUP.Optional.Legacy C:\Users\Ingo\AppData\Local\globalUpdate
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\BabSolution
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.OpenCandy C:\Users\Ingo\AppData\Roaming\OpenCandy
PUP.Optional.PriceGong C:\Users\Ingo\AppData\LocalLow\PriceGong
PUP.Optional.SlimCleanerPlus C:\Users\Ingo\AppData\Local\slimware utilities inc
PUP.Optional.SofTonicAssistant C:\Users\Ingo\AppData\LocalLow\Softonic
PUP.Optional.SpyHunter C:\Program Files\Enigma Software Group
Trojan.Agent C:\Users\Ingo\AppData\LocalLow\iac
Trojan.Agent C:\Users\Ingo\AppData\Local\iac

***** [ Files ] *****

PUP.Optional.Chip C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
PUP.Optional.DriverWhiz C:\Users\Ingo\Downloads\Driverwhiz.exe
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
PUP.Optional.Reimage C:\Users\Ingo\Downloads\ReimageRepair.exe
PUP.Optional.Reimage C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT
PUP.Optional.Legacy C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
PUP.Optional.Legacy C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
PUP.Optional.MyPCBackup C:\Windows\System32\Tasks\LAUNCHSIGNUP
PUP.Optional.SpyHunter C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

***** [ Registry ] *****

PUP.Adware.Heuristic HKCU\SOFTWARE\828ad1e639bf42
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\828ad1e639bf42
PUP.Optional.383Media HKCU\Software\DriverWhiz
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
PUP.Optional.BProtect HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
PUP.Optional.BProtector HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
PUP.Optional.Carambis HKCU\Software\Carambis
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKCU\Software\AppDataLow\Software\Crossrider
PUP.Optional.CrossRider HKCU\Software\AppDataLow\Software\Radio Canyon
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Radio Canyon
PUP.Optional.DataMngr.AppFlsh HKCU\Software\DataMngr
PUP.Optional.DataMngr.AppFlsh HKLM\Software\Wow6432Node\DataMngr
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\GlobalUpdate
PUP.Optional.Legacy HKCU\Software\InstalledBrowserExtensions
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
PUP.Optional.Legacy HKCU\Software\Smartbar
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy HKLM\Software\InstalledBrowserExtensions
PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy HKLM\Software\Wow6432Node\GlobalUpdate
PUP.Optional.Legacy HKLM\Software\Wow6432Node\InstalledBrowserExtensions
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.MindSpark.A HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
PUP.Optional.MindSpark.A HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
PUP.Optional.PriceGong HKCU\Software\AppDataLow\Software\PriceGong
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKCU\Software\reimagerepair
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.SpeedItupFree HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
PUP.Optional.SpyHunter HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.SysTweak HKLM\Software\Wow6432Node\systweak
PUP.Optional.VBatesHelper HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
PUP.Optional.WebBar HKCU\Software\AppDataLow\Software\Toolbar

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames
Preinstalled.ASUSInstantOn
Preinstalled.ASUSLiveUpdate
Preinstalled.ASUSProductRegistration
Preinstalled.ASUSSmartGesture
Preinstalled.ASUSSplendid
Preinstalled.ASUSVibe
Preinstalled.ASUSVirtualCamera
Preinstalled.ASUSWebStorage
Preinstalled.CyberLinkLabelPrint
Preinstalled.HPJumpStartApps
Preinstalled.LenovoPower2Go
Preinstalled.PackardBellGamesBundle
Preinstalled.SamsungSmartSwitch

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Du liest auch echt nichts oder? Was hab ich geschrieben wie die Logs gepostet werden sollen?

Ich lese alles.... du sag mal, meinst du ich bin ein Computer Experte??? Nein das bin ich nicht....Ich habe dich gefragt wie ich das machen soll mit den Code Tags? Du
Du bist Experte, gehst davon aus, das der Laie alles kann, das ist aber nicht so...

Ich habe mich hier registriert, weil ich Hilfe brauche bei meinen Anliegen, habe mit solchen Sachen nicht viel zu tun. Aber nach deinen Vorderungen, muss ich alles können.

Ja du hast dich registriert weil du hier Hilfe willst. Aber lesen musst du schon selbst. Oder war meine Antwort in Posting #4 schon wieder zuviel Text?

Stimmt das habe ich übersehen :) sorry

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    08-09-2019

# Duration: 00:00:28

# OS:       Windows 10 Home

# Cleaned:  201

# Failed:   0
 
 

***** [ Services ] *****
 

No malicious services cleaned.
 

***** [ Folders ] *****
 

Deleted       C:\Program Files (x86)\DriverWhiz

Deleted       C:\Program Files (x86)\Radio Canyon

Deleted       C:\Program Files (x86)\globalUpdate

Deleted       C:\Program Files\Enigma Software Group

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz

Deleted       C:\Users\Ingo\AppData\LocalLow\Conduit

Deleted       C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3

Deleted       C:\Users\Ingo\AppData\LocalLow\PriceGong

Deleted       C:\Users\Ingo\AppData\LocalLow\Radio Canyon

Deleted       C:\Users\Ingo\AppData\LocalLow\Softonic

Deleted       C:\Users\Ingo\AppData\LocalLow\iac

Deleted       C:\Users\Ingo\AppData\Local\Browsersafeguard

Deleted       C:\Users\Ingo\AppData\Local\globalUpdate

Deleted       C:\Users\Ingo\AppData\Local\iac

Deleted       C:\Users\Ingo\AppData\Local\slimware utilities inc

Deleted       C:\Users\Ingo\AppData\Roaming\BabSolution

Deleted       C:\Users\Ingo\AppData\Roaming\OpenCandy

Deleted       C:\Users\Ingo\AppData\Roaming\RHEng

Deleted       C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers

Deleted       C:\Users\Public\Documents\Downloaded Installers
 

***** [ Files ] *****
 

Deleted       C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml

Deleted       C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE

Deleted       C:\Users\Ingo\Downloads\Driverwhiz.exe

Deleted       C:\Users\Ingo\Downloads\ReimageRepair.exe

Deleted       C:\Windows\Reimage.ini
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

Deleted       C:\Windows\System32\Tasks\BROWSERDEFENDERT

Deleted       C:\Windows\System32\Tasks\LAUNCHSIGNUP

Deleted       C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

Deleted       C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB

Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB

Deleted       C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
 

***** [ Registry ] *****
 

Deleted       HKCU\SOFTWARE\828ad1e639bf42

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKCU\Software\AppDataLow\Software\Crossrider

Deleted       HKCU\Software\AppDataLow\Software\PriceGong

Deleted       HKCU\Software\AppDataLow\Software\Radio Canyon

Deleted       HKCU\Software\AppDataLow\Software\Toolbar

Deleted       HKCU\Software\Carambis

Deleted       HKCU\Software\DataMngr

Deleted       HKCU\Software\DriverWhiz

Deleted       HKCU\Software\GlobalUpdate

Deleted       HKCU\Software\InstalledBrowserExtensions

Deleted       HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope

Deleted       HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome

Deleted       HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Deleted       HKCU\Software\PRODUCTSETUP

Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

Deleted       HKCU\Software\Reimage

Deleted       HKCU\Software\SlimWare Utilities Inc

Deleted       HKCU\Software\Smartbar

Deleted       HKCU\Software\csastats

Deleted       HKCU\Software\reimagerepair

Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

Deleted       HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}

Deleted       HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}

Deleted       HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}

Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}

Deleted       HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}

Deleted       HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

Deleted       HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

Deleted       HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}

Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

Deleted       HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

Deleted       HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}

Deleted       HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}

Deleted       HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}

Deleted       HKLM\Software\Classes\Prod.cap

Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine

Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1

Deleted       HKLM\Software\EnigmaSoftwareGroup

Deleted       HKLM\Software\InstalledBrowserExtensions

Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Deleted       HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Deleted       HKLM\Software\Reimage

Deleted       HKLM\Software\Wow6432Node\828ad1e639bf42

Deleted       HKLM\Software\Wow6432Node\DataMngr

Deleted       HKLM\Software\Wow6432Node\GlobalUpdate

Deleted       HKLM\Software\Wow6432Node\InstalledBrowserExtensions

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

Deleted       HKLM\Software\Wow6432Node\Radio Canyon

Deleted       HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.

Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\systweak

Deleted       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries cleaned.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs cleaned.
 

***** [ Preinstalled Software ] *****
 

No Preinstalled Software cleaned.
 
 

*************************
 

[+] Delete Prefetch

[+] Delete Tracing Keys

[+] Reset Chromium Policies

[+] Reset IE Policies

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    08-10-2019

# Duration: 00:00:15

# OS:       Windows 10 Home

# Cleaned:  1

# Failed:   0
 
 

***** [ Services ] *****
 

No malicious services cleaned.
 

***** [ Folders ] *****
 

No malicious folders cleaned.
 

***** [ Files ] *****
 

No malicious files cleaned.
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

No malicious tasks cleaned.
 

***** [ Registry ] *****
 

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries cleaned.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs cleaned.
 

***** [ Preinstalled Software ] *****
 

No Preinstalled Software cleaned.
 
 

*************************
 

[+] Delete Prefetch

[+] Delete Tracing Keys

[+] Reset Chromium Policies

[+] Reset IE Policies

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]

AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    08-09-2019

# Duration: 00:00:28

# OS:       Windows 10 Home

# Scanned:  35810

# Detected: 246
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

PUP.Optional.383Media           C:\Program Files (x86)\DriverWhiz

PUP.Optional.383Media           C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz

PUP.Optional.BrowserSafeGuard   C:\Users\Ingo\AppData\Local\Browsersafeguard

PUP.Optional.Conduit            C:\Users\Ingo\AppData\LocalLow\Conduit

PUP.Optional.Conduit.A          C:\Users\Ingo\AppData\Roaming\RHEng

PUP.Optional.CrossRider         C:\Program Files (x86)\Radio Canyon

PUP.Optional.CrossRider         C:\Users\Ingo\AppData\LocalLow\Radio Canyon

PUP.Optional.Legacy             C:\Program Files (x86)\globalUpdate

PUP.Optional.Legacy             C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Local\globalUpdate

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\BabSolution

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers

PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers

PUP.Optional.OpenCandy          C:\Users\Ingo\AppData\Roaming\OpenCandy

PUP.Optional.PriceGong          C:\Users\Ingo\AppData\LocalLow\PriceGong

PUP.Optional.SlimCleanerPlus    C:\Users\Ingo\AppData\Local\slimware utilities inc

PUP.Optional.SofTonicAssistant  C:\Users\Ingo\AppData\LocalLow\Softonic

PUP.Optional.SpyHunter          C:\Program Files\Enigma Software Group

Trojan.Agent                    C:\Users\Ingo\AppData\LocalLow\iac

Trojan.Agent                    C:\Users\Ingo\AppData\Local\iac
 

***** [ Files ] *****
 

PUP.Optional.Chip               C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE

PUP.Optional.DriverWhiz         C:\Users\Ingo\Downloads\Driverwhiz.exe

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml

PUP.Optional.Reimage            C:\Users\Ingo\Downloads\ReimageRepair.exe

PUP.Optional.Reimage            C:\Windows\Reimage.ini
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

PUP.Adware.Heuristic            C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

PUP.Adware.Heuristic            C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT

PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB

PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB

PUP.Optional.MyPCBackup         C:\Windows\System32\Tasks\LAUNCHSIGNUP

PUP.Optional.SpyHunter          C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
 

***** [ Registry ] *****
 

PUP.Adware.Heuristic            HKCU\SOFTWARE\828ad1e639bf42

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\828ad1e639bf42

PUP.Optional.383Media           HKCU\Software\DriverWhiz

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}

PUP.Optional.BProtect           HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome

PUP.Optional.BProtector         HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert

PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com

PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com

PUP.Optional.Carambis           HKCU\Software\Carambis

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Crossrider

PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Radio Canyon

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Radio Canyon

PUP.Optional.DataMngr.AppFlsh   HKCU\Software\DataMngr

PUP.Optional.DataMngr.AppFlsh   HKLM\Software\Wow6432Node\DataMngr

PUP.Optional.InstallCore        HKCU\Software\csastats

PUP.Optional.Legacy             HKCU\Software\GlobalUpdate

PUP.Optional.Legacy             HKCU\Software\InstalledBrowserExtensions

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

PUP.Optional.Legacy             HKCU\Software\Smartbar

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap

PUP.Optional.Legacy             HKLM\Software\InstalledBrowserExtensions

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64

PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\GlobalUpdate

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\InstalledBrowserExtensions

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}

PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

PUP.Optional.PriceGong          HKCU\Software\AppDataLow\Software\PriceGong

PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP

PUP.Optional.Reimage            HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

PUP.Optional.Reimage            HKCU\Software\Reimage

PUP.Optional.Reimage            HKCU\Software\reimagerepair

PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine

PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine.1

PUP.Optional.Reimage            HKLM\Software\Reimage

PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

PUP.Optional.SlimCleanerPlus    HKCU\Software\SlimWare Utilities Inc

PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.

PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc

PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup

PUP.Optional.SpyHunter          HKLM\Software\EnigmaSoftwareGroup

PUP.Optional.SysTweak           HKLM\Software\Wow6432Node\systweak

PUP.Optional.VBatesHelper       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

PUP.Optional.WebBar             HKCU\Software\AppDataLow\Software\Toolbar
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 

***** [ Preinstalled Software ] *****
 

Preinstalled.ASUSGames          

Preinstalled.ASUSInstantOn      

Preinstalled.ASUSLiveUpdate     

Preinstalled.ASUSProductRegistration 

Preinstalled.ASUSSmartGesture   

Preinstalled.ASUSSplendid       

Preinstalled.ASUSVibe           

Preinstalled.ASUSVirtualCamera  

Preinstalled.ASUSWebStorage     

Preinstalled.CyberLinkLabelPrint 

Preinstalled.HPJumpStartApps    

Preinstalled.LenovoPower2Go     

Preinstalled.PackardBellGamesBundle 

Preinstalled.SamsungSmartSwitch 
 
 
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    08-10-2019

# Duration: 00:00:23

# OS:       Windows 10 Home

# Scanned:  35810

# Detected: 45
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

No malicious folders found.
 

***** [ Files ] *****
 

No malicious files found.
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

No malicious tasks found.
 

***** [ Registry ] *****
 

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 

***** [ Preinstalled Software ] *****
 

Preinstalled.ASUSGames          

Preinstalled.ASUSInstantOn      

Preinstalled.ASUSLiveUpdate     

Preinstalled.ASUSProductRegistration 

Preinstalled.ASUSSmartGesture   

Preinstalled.ASUSSplendid       

Preinstalled.ASUSVibe           

Preinstalled.ASUSVirtualCamera  

Preinstalled.ASUSWebStorage     

Preinstalled.CyberLinkLabelPrint 

Preinstalled.LenovoPower2Go     

Preinstalled.PackardBellGamesBundle 

Preinstalled.SamsungSmartSwitch 
 
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Geht doch :applaus:

adwcleaner bitte zwecks Kontrolle wiederholen

ja :crazy:

Soll ich es dann nochmal schicken?

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    08-09-2019

# Duration: 00:00:28

# OS:       Windows 10 Home

# Cleaned:  201

# Failed:   0
 
 

***** [ Services ] *****
 

No malicious services cleaned.
 

***** [ Folders ] *****
 

Deleted       C:\Program Files (x86)\DriverWhiz

Deleted       C:\Program Files (x86)\Radio Canyon

Deleted       C:\Program Files (x86)\globalUpdate

Deleted       C:\Program Files\Enigma Software Group

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz

Deleted       C:\Users\Ingo\AppData\LocalLow\Conduit

Deleted       C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3

Deleted       C:\Users\Ingo\AppData\LocalLow\PriceGong

Deleted       C:\Users\Ingo\AppData\LocalLow\Radio Canyon

Deleted       C:\Users\Ingo\AppData\LocalLow\Softonic

Deleted       C:\Users\Ingo\AppData\LocalLow\iac

Deleted       C:\Users\Ingo\AppData\Local\Browsersafeguard

Deleted       C:\Users\Ingo\AppData\Local\globalUpdate

Deleted       C:\Users\Ingo\AppData\Local\iac

Deleted       C:\Users\Ingo\AppData\Local\slimware utilities inc

Deleted       C:\Users\Ingo\AppData\Roaming\BabSolution

Deleted       C:\Users\Ingo\AppData\Roaming\OpenCandy

Deleted       C:\Users\Ingo\AppData\Roaming\RHEng

Deleted       C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers

Deleted       C:\Users\Public\Documents\Downloaded Installers
 

***** [ Files ] *****
 

Deleted       C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml

Deleted       C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE

Deleted       C:\Users\Ingo\Downloads\Driverwhiz.exe

Deleted       C:\Users\Ingo\Downloads\ReimageRepair.exe

Deleted       C:\Windows\Reimage.ini
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

Deleted       C:\Windows\System32\Tasks\BROWSERDEFENDERT

Deleted       C:\Windows\System32\Tasks\LAUNCHSIGNUP

Deleted       C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

Deleted       C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB

Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB

Deleted       C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
 

***** [ Registry ] *****
 

Deleted       HKCU\SOFTWARE\828ad1e639bf42

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}

Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKCU\Software\AppDataLow\Software\Crossrider

Deleted       HKCU\Software\AppDataLow\Software\PriceGong

Deleted       HKCU\Software\AppDataLow\Software\Radio Canyon

Deleted       HKCU\Software\AppDataLow\Software\Toolbar

Deleted       HKCU\Software\Carambis

Deleted       HKCU\Software\DataMngr

Deleted       HKCU\Software\DriverWhiz

Deleted       HKCU\Software\GlobalUpdate

Deleted       HKCU\Software\InstalledBrowserExtensions

Deleted       HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope

Deleted       HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome

Deleted       HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Deleted       HKCU\Software\PRODUCTSETUP

Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

Deleted       HKCU\Software\Reimage

Deleted       HKCU\Software\SlimWare Utilities Inc

Deleted       HKCU\Software\Smartbar

Deleted       HKCU\Software\csastats

Deleted       HKCU\Software\reimagerepair

Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

Deleted       HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}

Deleted       HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}

Deleted       HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}

Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}

Deleted       HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}

Deleted       HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

Deleted       HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

Deleted       HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}

Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

Deleted       HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

Deleted       HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}

Deleted       HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}

Deleted       HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}

Deleted       HKLM\Software\Classes\Prod.cap

Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine

Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1

Deleted       HKLM\Software\EnigmaSoftwareGroup

Deleted       HKLM\Software\InstalledBrowserExtensions

Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Deleted       HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Deleted       HKLM\Software\Reimage

Deleted       HKLM\Software\Wow6432Node\828ad1e639bf42

Deleted       HKLM\Software\Wow6432Node\DataMngr

Deleted       HKLM\Software\Wow6432Node\GlobalUpdate

Deleted       HKLM\Software\Wow6432Node\InstalledBrowserExtensions

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

Deleted       HKLM\Software\Wow6432Node\Radio Canyon

Deleted       HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.

Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}

Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Deleted       HKLM\Software\Wow6432Node\systweak

Deleted       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries cleaned.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs cleaned.
 

***** [ Preinstalled Software ] *****
 

No Preinstalled Software cleaned.
 
 

*************************
 

[+] Delete Prefetch

[+] Delete Tracing Keys

[+] Reset Chromium Policies

[+] Reset IE Policies

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Du sollst das Teil nochmal scannen lassen...nicht das alte Log was wir alle schon kennen nochmal schicken :wtf:

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    08-10-2019

# Duration: 00:00:15

# OS:       Windows 10 Home

# Cleaned:  1

# Failed:   0
 
 

***** [ Services ] *****
 

No malicious services cleaned.
 

***** [ Folders ] *****
 

No malicious folders cleaned.
 

***** [ Files ] *****
 

No malicious files cleaned.
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

No malicious tasks cleaned.
 

***** [ Registry ] *****
 

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries cleaned.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs cleaned.
 

***** [ Preinstalled Software ] *****
 

No Preinstalled Software cleaned.
 
 

*************************
 

[+] Delete Prefetch

[+] Delete Tracing Keys

[+] Reset Chromium Policies

[+] Reset IE Policies

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]

AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    08-09-2019

# Duration: 00:00:28

# OS:       Windows 10 Home

# Scanned:  35810

# Detected: 246
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

PUP.Optional.383Media           C:\Program Files (x86)\DriverWhiz

PUP.Optional.383Media           C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz

PUP.Optional.BrowserSafeGuard   C:\Users\Ingo\AppData\Local\Browsersafeguard

PUP.Optional.Conduit            C:\Users\Ingo\AppData\LocalLow\Conduit

PUP.Optional.Conduit.A          C:\Users\Ingo\AppData\Roaming\RHEng

PUP.Optional.CrossRider         C:\Program Files (x86)\Radio Canyon

PUP.Optional.CrossRider         C:\Users\Ingo\AppData\LocalLow\Radio Canyon

PUP.Optional.Legacy             C:\Program Files (x86)\globalUpdate

PUP.Optional.Legacy             C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Local\globalUpdate

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\BabSolution

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers

PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers

PUP.Optional.OpenCandy          C:\Users\Ingo\AppData\Roaming\OpenCandy

PUP.Optional.PriceGong          C:\Users\Ingo\AppData\LocalLow\PriceGong

PUP.Optional.SlimCleanerPlus    C:\Users\Ingo\AppData\Local\slimware utilities inc

PUP.Optional.SofTonicAssistant  C:\Users\Ingo\AppData\LocalLow\Softonic

PUP.Optional.SpyHunter          C:\Program Files\Enigma Software Group

Trojan.Agent                    C:\Users\Ingo\AppData\LocalLow\iac

Trojan.Agent                    C:\Users\Ingo\AppData\Local\iac
 

***** [ Files ] *****
 

PUP.Optional.Chip               C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE

PUP.Optional.DriverWhiz         C:\Users\Ingo\Downloads\Driverwhiz.exe

PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml

PUP.Optional.Reimage            C:\Users\Ingo\Downloads\ReimageRepair.exe

PUP.Optional.Reimage            C:\Windows\Reimage.ini
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

PUP.Adware.Heuristic            C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

PUP.Adware.Heuristic            C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT

PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB

PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB

PUP.Optional.MyPCBackup         C:\Windows\System32\Tasks\LAUNCHSIGNUP

PUP.Optional.SpyHunter          C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
 

***** [ Registry ] *****
 

PUP.Adware.Heuristic            HKCU\SOFTWARE\828ad1e639bf42

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 

PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\828ad1e639bf42

PUP.Optional.383Media           HKCU\Software\DriverWhiz

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}

PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}

PUP.Optional.BProtect           HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome

PUP.Optional.BProtector         HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}

PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert

PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com

PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com

PUP.Optional.Carambis           HKCU\Software\Carambis

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}

PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Crossrider

PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Radio Canyon

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe

PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Radio Canyon

PUP.Optional.DataMngr.AppFlsh   HKCU\Software\DataMngr

PUP.Optional.DataMngr.AppFlsh   HKLM\Software\Wow6432Node\DataMngr

PUP.Optional.InstallCore        HKCU\Software\csastats

PUP.Optional.Legacy             HKCU\Software\GlobalUpdate

PUP.Optional.Legacy             HKCU\Software\InstalledBrowserExtensions

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}

PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

PUP.Optional.Legacy             HKCU\Software\Smartbar

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}

PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore

PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap

PUP.Optional.Legacy             HKLM\Software\InstalledBrowserExtensions

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64

PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\GlobalUpdate

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\InstalledBrowserExtensions

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}

PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}

PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

PUP.Optional.PriceGong          HKCU\Software\AppDataLow\Software\PriceGong

PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP

PUP.Optional.Reimage            HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

PUP.Optional.Reimage            HKCU\Software\Reimage

PUP.Optional.Reimage            HKCU\Software\reimagerepair

PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine

PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine.1

PUP.Optional.Reimage            HKLM\Software\Reimage

PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

PUP.Optional.SlimCleanerPlus    HKCU\Software\SlimWare Utilities Inc

PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.

PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc

PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}

PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup

PUP.Optional.SpyHunter          HKLM\Software\EnigmaSoftwareGroup

PUP.Optional.SysTweak           HKLM\Software\Wow6432Node\systweak

PUP.Optional.VBatesHelper       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

PUP.Optional.WebBar             HKCU\Software\AppDataLow\Software\Toolbar
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 

***** [ Preinstalled Software ] *****
 

Preinstalled.ASUSGames          

Preinstalled.ASUSInstantOn      

Preinstalled.ASUSLiveUpdate     

Preinstalled.ASUSProductRegistration 

Preinstalled.ASUSSmartGesture   

Preinstalled.ASUSSplendid       

Preinstalled.ASUSVibe           

Preinstalled.ASUSVirtualCamera  

Preinstalled.ASUSWebStorage     

Preinstalled.CyberLinkLabelPrint 

Preinstalled.HPJumpStartApps    

Preinstalled.LenovoPower2Go     

Preinstalled.PackardBellGamesBundle 

Preinstalled.SamsungSmartSwitch 
 
 
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    08-10-2019

# Duration: 00:00:23

# OS:       Windows 10 Home

# Scanned:  35810

# Detected: 45
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

No malicious folders found.
 

***** [ Files ] *****
 

No malicious files found.
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

No malicious tasks found.
 

***** [ Registry ] *****
 

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 

***** [ Preinstalled Software ] *****
 

Preinstalled.ASUSGames          

Preinstalled.ASUSInstantOn      

Preinstalled.ASUSLiveUpdate     

Preinstalled.ASUSProductRegistration 

Preinstalled.ASUSSmartGesture   

Preinstalled.ASUSSplendid       

Preinstalled.ASUSVibe           

Preinstalled.ASUSVirtualCamera  

Preinstalled.ASUSWebStorage     

Preinstalled.CyberLinkLabelPrint 

Preinstalled.LenovoPower2Go     

Preinstalled.PackardBellGamesBundle 

Preinstalled.SamsungSmartSwitch 
 
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Code:



# -------------------------------

# Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------

# Build:    07-23-2019

# Database: 2019-07-22.1 (Local)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    08-10-2019

# Duration: 00:00:56

# OS:       Windows 10 Home

# Scanned:  35810

# Detected: 45
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

No malicious folders found.
 

***** [ Files ] *****
 

No malicious files found.
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

No malicious tasks found.
 

***** [ Registry ] *****
 

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 

***** [ Preinstalled Software ] *****
 

Preinstalled.ASUSGames          

Preinstalled.ASUSInstantOn      

Preinstalled.ASUSLiveUpdate     

Preinstalled.ASUSProductRegistration 

Preinstalled.ASUSSmartGesture   

Preinstalled.ASUSSplendid       

Preinstalled.ASUSVibe           

Preinstalled.ASUSVirtualCamera  

Preinstalled.ASUSWebStorage     

Preinstalled.CyberLinkLabelPrint 

Preinstalled.LenovoPower2Go     

Preinstalled.PackardBellGamesBundle 

Preinstalled.SamsungSmartSwitch 
 
 

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]

AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]

AdwCleaner[C01].txt - [1775 octets] - [10/08/2019 10:32:19]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

habe nochmal gescannt und noch mal alles geschickt

Zitat:

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames
Preinstalled.ASUSInstantOn
Preinstalled.ASUSLiveUpdate
Preinstalled.ASUSProductRegistration
Preinstalled.ASUSSmartGesture
Preinstalled.ASUSSplendid
Preinstalled.ASUSVibe
Preinstalled.ASUSVirtualCamera
Preinstalled.ASUSWebStorage
Preinstalled.CyberLinkLabelPrint
Preinstalled.LenovoPower2Go
Preinstalled.PackardBellGamesBundle
Preinstalled.SamsungSmartSwitch

Diese vorinstallierte Software von ASUS kannst du mal deinstallieren, braucht wirklich niemand sowas.