Komm vergiss es. Hau weg den Schrott. Dann muss ich halt mit den FRST-Logs allein auskommen.

Wir deinstallieren dann auch anderen unnötigen oder veralteten Krempel. Das hier bitte alles deinstallieren:

Adobe Acrobat Reader DC - Deutsch
Adobe Flash Player 32 NPAPI
Bitdefender Agent
Bitdefender Internet Security
Bitdefender VPN
VLC media player
WinRAR 5.40 (32-Bit)
Yahoo! Powered

Es werden doch zur Zeit die Erpress E-Mail verbreitet... hat das was mit den Trojaner zu tun oder ist das nur eine Mail, was meinst du?

Ok, mache ich gleich. Danke

Ja du tust so als wäre das die ultimativ neue Nachricht
Schädlinge per Mail gibt es seit mehr als 20 Jahren. Ein sehr bekannter Vertreter der Mailwürmer ist Loveletter

Nein das nicht.
Aber ich habe das E-Mail bekommen, die Polizei sagt ist nur eine E-Mail.
Aber ich habe zufällig einen Trojaner oben???

Das Yahoo! Powered lässt sich nicht deinstallieren?!

Beim Yahoo Powered reagiert das Deinstallieren gar nicht

Das zeigt keine Herausgeber, Größe, Version nix an

Hast du sonst alles deinstallieren? Wenn ja, bitte mit adwCleaner weitermachen.

adwCleaner v7.4

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

Sonst alles, Bitdefender dauert noch...

so jetzt alles so ausgeführt. PC wurde neu gestrartet

Das Yahoo ist immer noch da

wie mache ich die log Datei in Codetags

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-09-2019
# Duration: 00:00:28
# OS: Windows 10 Home
# Cleaned: 201
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DriverWhiz
Deleted C:\Program Files (x86)\Radio Canyon
Deleted C:\Program Files (x86)\globalUpdate
Deleted C:\Program Files\Enigma Software Group
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Deleted C:\Users\Ingo\AppData\LocalLow\Conduit
Deleted C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
Deleted C:\Users\Ingo\AppData\LocalLow\PriceGong
Deleted C:\Users\Ingo\AppData\LocalLow\Radio Canyon
Deleted C:\Users\Ingo\AppData\LocalLow\Softonic
Deleted C:\Users\Ingo\AppData\LocalLow\iac
Deleted C:\Users\Ingo\AppData\Local\Browsersafeguard
Deleted C:\Users\Ingo\AppData\Local\globalUpdate
Deleted C:\Users\Ingo\AppData\Local\iac
Deleted C:\Users\Ingo\AppData\Local\slimware utilities inc
Deleted C:\Users\Ingo\AppData\Roaming\BabSolution
Deleted C:\Users\Ingo\AppData\Roaming\OpenCandy
Deleted C:\Users\Ingo\AppData\Roaming\RHEng
Deleted C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
Deleted C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
Deleted C:\Users\Ingo\Downloads\Driverwhiz.exe
Deleted C:\Users\Ingo\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\BROWSERDEFENDERT
Deleted C:\Windows\System32\Tasks\LAUNCHSIGNUP
Deleted C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
Deleted C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
Deleted C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
Deleted C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\828ad1e639bf42
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKCU\Software\AppDataLow\Software\Crossrider
Deleted HKCU\Software\AppDataLow\Software\PriceGong
Deleted HKCU\Software\AppDataLow\Software\Radio Canyon
Deleted HKCU\Software\AppDataLow\Software\Toolbar
Deleted HKCU\Software\Carambis
Deleted HKCU\Software\DataMngr
Deleted HKCU\Software\DriverWhiz
Deleted HKCU\Software\GlobalUpdate
Deleted HKCU\Software\InstalledBrowserExtensions
Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKCU\Software\Smartbar
Deleted HKCU\Software\csastats
Deleted HKCU\Software\reimagerepair
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
Deleted HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
Deleted HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\EnigmaSoftwareGroup
Deleted HKLM\Software\InstalledBrowserExtensions
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\828ad1e639bf42
Deleted HKLM\Software\Wow6432Node\DataMngr
Deleted HKLM\Software\Wow6432Node\GlobalUpdate
Deleted HKLM\Software\Wow6432Node\InstalledBrowserExtensions
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
Deleted HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
Deleted HKLM\Software\Wow6432Node\Radio Canyon
Deleted HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\systweak
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-09-2019
# Duration: 00:00:28
# OS: Windows 10 Home
# Scanned: 35810
# Detected: 246


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.383Media C:\Program Files (x86)\DriverWhiz
PUP.Optional.383Media C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
PUP.Optional.BrowserSafeGuard C:\Users\Ingo\AppData\Local\Browsersafeguard
PUP.Optional.Conduit C:\Users\Ingo\AppData\LocalLow\Conduit
PUP.Optional.Conduit.A C:\Users\Ingo\AppData\Roaming\RHEng
PUP.Optional.CrossRider C:\Program Files (x86)\Radio Canyon
PUP.Optional.CrossRider C:\Users\Ingo\AppData\LocalLow\Radio Canyon
PUP.Optional.Legacy C:\Program Files (x86)\globalUpdate
PUP.Optional.Legacy C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
PUP.Optional.Legacy C:\Users\Ingo\AppData\Local\globalUpdate
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\BabSolution
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.OpenCandy C:\Users\Ingo\AppData\Roaming\OpenCandy
PUP.Optional.PriceGong C:\Users\Ingo\AppData\LocalLow\PriceGong
PUP.Optional.SlimCleanerPlus C:\Users\Ingo\AppData\Local\slimware utilities inc
PUP.Optional.SofTonicAssistant C:\Users\Ingo\AppData\LocalLow\Softonic
PUP.Optional.SpyHunter C:\Program Files\Enigma Software Group
Trojan.Agent C:\Users\Ingo\AppData\LocalLow\iac
Trojan.Agent C:\Users\Ingo\AppData\Local\iac

***** [ Files ] *****

PUP.Optional.Chip C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
PUP.Optional.DriverWhiz C:\Users\Ingo\Downloads\Driverwhiz.exe
PUP.Optional.Legacy C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
PUP.Optional.Reimage C:\Users\Ingo\Downloads\ReimageRepair.exe
PUP.Optional.Reimage C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT
PUP.Optional.Legacy C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
PUP.Optional.Legacy C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
PUP.Optional.MyPCBackup C:\Windows\System32\Tasks\LAUNCHSIGNUP
PUP.Optional.SpyHunter C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

***** [ Registry ] *****

PUP.Adware.Heuristic HKCU\SOFTWARE\828ad1e639bf42
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\828ad1e639bf42
PUP.Optional.383Media HKCU\Software\DriverWhiz
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
PUP.Optional.BProtect HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
PUP.Optional.BProtector HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
PUP.Optional.Carambis HKCU\Software\Carambis
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKCU\Software\AppDataLow\Software\Crossrider
PUP.Optional.CrossRider HKCU\Software\AppDataLow\Software\Radio Canyon
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
PUP.Optional.CrossRider HKLM\Software\Wow6432Node\Radio Canyon
PUP.Optional.DataMngr.AppFlsh HKCU\Software\DataMngr
PUP.Optional.DataMngr.AppFlsh HKLM\Software\Wow6432Node\DataMngr
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\GlobalUpdate
PUP.Optional.Legacy HKCU\Software\InstalledBrowserExtensions
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
PUP.Optional.Legacy HKCU\Software\Smartbar
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy HKLM\Software\InstalledBrowserExtensions
PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy HKLM\Software\Wow6432Node\GlobalUpdate
PUP.Optional.Legacy HKLM\Software\Wow6432Node\InstalledBrowserExtensions
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.MindSpark.A HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
PUP.Optional.MindSpark.A HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
PUP.Optional.MyWebSearch HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
PUP.Optional.PriceGong HKCU\Software\AppDataLow\Software\PriceGong
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKCU\Software\reimagerepair
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.SpeedItupFree HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
PUP.Optional.SpyHunter HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.SysTweak HKLM\Software\Wow6432Node\systweak
PUP.Optional.VBatesHelper HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
PUP.Optional.WebBar HKCU\Software\AppDataLow\Software\Toolbar

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames
Preinstalled.ASUSInstantOn
Preinstalled.ASUSLiveUpdate
Preinstalled.ASUSProductRegistration
Preinstalled.ASUSSmartGesture
Preinstalled.ASUSSplendid
Preinstalled.ASUSVibe
Preinstalled.ASUSVirtualCamera
Preinstalled.ASUSWebStorage
Preinstalled.CyberLinkLabelPrint
Preinstalled.HPJumpStartApps
Preinstalled.LenovoPower2Go
Preinstalled.PackardBellGamesBundle
Preinstalled.SamsungSmartSwitch



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Du liest auch echt nichts oder? Was hab ich geschrieben wie die Logs gepostet werden sollen?

Ich lese alles.... du sag mal, meinst du ich bin ein Computer Experte??? Nein das bin ich nicht....Ich habe dich gefragt wie ich das machen soll mit den Code Tags? Du
Du bist Experte, gehst davon aus, das der Laie alles kann, das ist aber nicht so...

Ich habe mich hier registriert, weil ich Hilfe brauche bei meinen Anliegen, habe mit solchen Sachen nicht viel zu tun. Aber nach deinen Vorderungen, muss ich alles können.

Ja du hast dich registriert weil du hier Hilfe willst. Aber lesen musst du schon selbst. Oder war meine Antwort in Posting #4 schon wieder zuviel Text?

Stimmt das habe ich übersehen sorry

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:28
# OS:       Windows 10 Home
# Cleaned:  201
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\DriverWhiz
Deleted       C:\Program Files (x86)\Radio Canyon
Deleted       C:\Program Files (x86)\globalUpdate
Deleted       C:\Program Files\Enigma Software Group
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Deleted       C:\Users\Ingo\AppData\LocalLow\Conduit
Deleted       C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
Deleted       C:\Users\Ingo\AppData\LocalLow\PriceGong
Deleted       C:\Users\Ingo\AppData\LocalLow\Radio Canyon
Deleted       C:\Users\Ingo\AppData\LocalLow\Softonic
Deleted       C:\Users\Ingo\AppData\LocalLow\iac
Deleted       C:\Users\Ingo\AppData\Local\Browsersafeguard
Deleted       C:\Users\Ingo\AppData\Local\globalUpdate
Deleted       C:\Users\Ingo\AppData\Local\iac
Deleted       C:\Users\Ingo\AppData\Local\slimware utilities inc
Deleted       C:\Users\Ingo\AppData\Roaming\BabSolution
Deleted       C:\Users\Ingo\AppData\Roaming\OpenCandy
Deleted       C:\Users\Ingo\AppData\Roaming\RHEng
Deleted       C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Deleted       C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted       C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
Deleted       C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
Deleted       C:\Users\Ingo\Downloads\Driverwhiz.exe
Deleted       C:\Users\Ingo\Downloads\ReimageRepair.exe
Deleted       C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\BROWSERDEFENDERT
Deleted       C:\Windows\System32\Tasks\LAUNCHSIGNUP
Deleted       C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
Deleted       C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
Deleted       C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\828ad1e639bf42
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKCU\Software\AppDataLow\Software\Crossrider
Deleted       HKCU\Software\AppDataLow\Software\PriceGong
Deleted       HKCU\Software\AppDataLow\Software\Radio Canyon
Deleted       HKCU\Software\AppDataLow\Software\Toolbar
Deleted       HKCU\Software\Carambis
Deleted       HKCU\Software\DataMngr
Deleted       HKCU\Software\DriverWhiz
Deleted       HKCU\Software\GlobalUpdate
Deleted       HKCU\Software\InstalledBrowserExtensions
Deleted       HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
Deleted       HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted       HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\Reimage
Deleted       HKCU\Software\SlimWare Utilities Inc
Deleted       HKCU\Software\Smartbar
Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\reimagerepair
Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted       HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted       HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted       HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted       HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted       HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
Deleted       HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
Deleted       HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted       HKLM\Software\EnigmaSoftwareGroup
Deleted       HKLM\Software\InstalledBrowserExtensions
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted       HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted       HKLM\Software\Reimage
Deleted       HKLM\Software\Wow6432Node\828ad1e639bf42
Deleted       HKLM\Software\Wow6432Node\DataMngr
Deleted       HKLM\Software\Wow6432Node\GlobalUpdate
Deleted       HKLM\Software\Wow6432Node\InstalledBrowserExtensions
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
Deleted       HKLM\Software\Wow6432Node\Radio Canyon
Deleted       HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\systweak
Deleted       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-10-2019
# Duration: 00:00:15
# OS:       Windows 10 Home
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]
AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:28
# OS:       Windows 10 Home
# Scanned:  35810
# Detected: 246


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.383Media           C:\Program Files (x86)\DriverWhiz
PUP.Optional.383Media           C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
PUP.Optional.BrowserSafeGuard   C:\Users\Ingo\AppData\Local\Browsersafeguard
PUP.Optional.Conduit            C:\Users\Ingo\AppData\LocalLow\Conduit
PUP.Optional.Conduit.A          C:\Users\Ingo\AppData\Roaming\RHEng
PUP.Optional.CrossRider         C:\Program Files (x86)\Radio Canyon
PUP.Optional.CrossRider         C:\Users\Ingo\AppData\LocalLow\Radio Canyon
PUP.Optional.Legacy             C:\Program Files (x86)\globalUpdate
PUP.Optional.Legacy             C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Local\globalUpdate
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\BabSolution
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.OpenCandy          C:\Users\Ingo\AppData\Roaming\OpenCandy
PUP.Optional.PriceGong          C:\Users\Ingo\AppData\LocalLow\PriceGong
PUP.Optional.SlimCleanerPlus    C:\Users\Ingo\AppData\Local\slimware utilities inc
PUP.Optional.SofTonicAssistant  C:\Users\Ingo\AppData\LocalLow\Softonic
PUP.Optional.SpyHunter          C:\Program Files\Enigma Software Group
Trojan.Agent                    C:\Users\Ingo\AppData\LocalLow\iac
Trojan.Agent                    C:\Users\Ingo\AppData\Local\iac

***** [ Files ] *****

PUP.Optional.Chip               C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
PUP.Optional.DriverWhiz         C:\Users\Ingo\Downloads\Driverwhiz.exe
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
PUP.Optional.Reimage            C:\Users\Ingo\Downloads\ReimageRepair.exe
PUP.Optional.Reimage            C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic            C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic            C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT
PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
PUP.Optional.MyPCBackup         C:\Windows\System32\Tasks\LAUNCHSIGNUP
PUP.Optional.SpyHunter          C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\828ad1e639bf42
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\828ad1e639bf42
PUP.Optional.383Media           HKCU\Software\DriverWhiz
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
PUP.Optional.BProtect           HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
PUP.Optional.BProtector         HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
PUP.Optional.Carambis           HKCU\Software\Carambis
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Crossrider
PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Radio Canyon
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Radio Canyon
PUP.Optional.DataMngr.AppFlsh   HKCU\Software\DataMngr
PUP.Optional.DataMngr.AppFlsh   HKLM\Software\Wow6432Node\DataMngr
PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKCU\Software\GlobalUpdate
PUP.Optional.Legacy             HKCU\Software\InstalledBrowserExtensions
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
PUP.Optional.Legacy             HKCU\Software\Smartbar
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy             HKLM\Software\InstalledBrowserExtensions
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\GlobalUpdate
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\InstalledBrowserExtensions
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
PUP.Optional.PriceGong          HKCU\Software\AppDataLow\Software\PriceGong
PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage            HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage            HKCU\Software\Reimage
PUP.Optional.Reimage            HKCU\Software\reimagerepair
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage            HKLM\Software\Reimage
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.SlimCleanerPlus    HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
PUP.Optional.SpyHunter          HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.SysTweak           HKLM\Software\Wow6432Node\systweak
PUP.Optional.VBatesHelper       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
PUP.Optional.WebBar             HKCU\Software\AppDataLow\Software\Toolbar

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames          
Preinstalled.ASUSInstantOn      
Preinstalled.ASUSLiveUpdate     
Preinstalled.ASUSProductRegistration 
Preinstalled.ASUSSmartGesture   
Preinstalled.ASUSSplendid       
Preinstalled.ASUSVibe           
Preinstalled.ASUSVirtualCamera  
Preinstalled.ASUSWebStorage     
Preinstalled.CyberLinkLabelPrint 
Preinstalled.HPJumpStartApps    
Preinstalled.LenovoPower2Go     
Preinstalled.PackardBellGamesBundle 
Preinstalled.SamsungSmartSwitch 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-10-2019
# Duration: 00:00:23
# OS:       Windows 10 Home
# Scanned:  35810
# Detected: 45


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames          
Preinstalled.ASUSInstantOn      
Preinstalled.ASUSLiveUpdate     
Preinstalled.ASUSProductRegistration 
Preinstalled.ASUSSmartGesture   
Preinstalled.ASUSSplendid       
Preinstalled.ASUSVibe           
Preinstalled.ASUSVirtualCamera  
Preinstalled.ASUSWebStorage     
Preinstalled.CyberLinkLabelPrint 
Preinstalled.LenovoPower2Go     
Preinstalled.PackardBellGamesBundle 
Preinstalled.SamsungSmartSwitch 


AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         

Geht doch


adwcleaner bitte zwecks Kontrolle wiederholen

ja

Soll ich es dann nochmal schicken?

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:28
# OS:       Windows 10 Home
# Cleaned:  201
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\DriverWhiz
Deleted       C:\Program Files (x86)\Radio Canyon
Deleted       C:\Program Files (x86)\globalUpdate
Deleted       C:\Program Files\Enigma Software Group
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Deleted       C:\Users\Ingo\AppData\LocalLow\Conduit
Deleted       C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
Deleted       C:\Users\Ingo\AppData\LocalLow\PriceGong
Deleted       C:\Users\Ingo\AppData\LocalLow\Radio Canyon
Deleted       C:\Users\Ingo\AppData\LocalLow\Softonic
Deleted       C:\Users\Ingo\AppData\LocalLow\iac
Deleted       C:\Users\Ingo\AppData\Local\Browsersafeguard
Deleted       C:\Users\Ingo\AppData\Local\globalUpdate
Deleted       C:\Users\Ingo\AppData\Local\iac
Deleted       C:\Users\Ingo\AppData\Local\slimware utilities inc
Deleted       C:\Users\Ingo\AppData\Roaming\BabSolution
Deleted       C:\Users\Ingo\AppData\Roaming\OpenCandy
Deleted       C:\Users\Ingo\AppData\Roaming\RHEng
Deleted       C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Deleted       C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted       C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
Deleted       C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
Deleted       C:\Users\Ingo\Downloads\Driverwhiz.exe
Deleted       C:\Users\Ingo\Downloads\ReimageRepair.exe
Deleted       C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\BROWSERDEFENDERT
Deleted       C:\Windows\System32\Tasks\LAUNCHSIGNUP
Deleted       C:\Windows\System32\Tasks\SPYHUNTER4STARTUP
Deleted       C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
Deleted       C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
Deleted       C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\828ad1e639bf42
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKCU\Software\AppDataLow\Software\Crossrider
Deleted       HKCU\Software\AppDataLow\Software\PriceGong
Deleted       HKCU\Software\AppDataLow\Software\Radio Canyon
Deleted       HKCU\Software\AppDataLow\Software\Toolbar
Deleted       HKCU\Software\Carambis
Deleted       HKCU\Software\DataMngr
Deleted       HKCU\Software\DriverWhiz
Deleted       HKCU\Software\GlobalUpdate
Deleted       HKCU\Software\InstalledBrowserExtensions
Deleted       HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
Deleted       HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted       HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\Reimage
Deleted       HKCU\Software\SlimWare Utilities Inc
Deleted       HKCU\Software\Smartbar
Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\reimagerepair
Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted       HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted       HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted       HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted       HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted       HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
Deleted       HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
Deleted       HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted       HKLM\Software\EnigmaSoftwareGroup
Deleted       HKLM\Software\InstalledBrowserExtensions
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted       HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted       HKLM\Software\Reimage
Deleted       HKLM\Software\Wow6432Node\828ad1e639bf42
Deleted       HKLM\Software\Wow6432Node\DataMngr
Deleted       HKLM\Software\Wow6432Node\GlobalUpdate
Deleted       HKLM\Software\Wow6432Node\InstalledBrowserExtensions
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
Deleted       HKLM\Software\Wow6432Node\Radio Canyon
Deleted       HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\systweak
Deleted       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         

Du sollst das Teil nochmal scannen lassen...nicht das alte Log was wir alle schon kennen nochmal schicken

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-10-2019
# Duration: 00:00:15
# OS:       Windows 10 Home
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]
AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-09-2019
# Duration: 00:00:28
# OS:       Windows 10 Home
# Scanned:  35810
# Detected: 246


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.383Media           C:\Program Files (x86)\DriverWhiz
PUP.Optional.383Media           C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
PUP.Optional.BrowserSafeGuard   C:\Users\Ingo\AppData\Local\Browsersafeguard
PUP.Optional.Conduit            C:\Users\Ingo\AppData\LocalLow\Conduit
PUP.Optional.Conduit.A          C:\Users\Ingo\AppData\Roaming\RHEng
PUP.Optional.CrossRider         C:\Program Files (x86)\Radio Canyon
PUP.Optional.CrossRider         C:\Users\Ingo\AppData\LocalLow\Radio Canyon
PUP.Optional.Legacy             C:\Program Files (x86)\globalUpdate
PUP.Optional.Legacy             C:\Users\Ingo\AppData\LocalLow\FileConverter_1.3
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Local\globalUpdate
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\BabSolution
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.OpenCandy          C:\Users\Ingo\AppData\Roaming\OpenCandy
PUP.Optional.PriceGong          C:\Users\Ingo\AppData\LocalLow\PriceGong
PUP.Optional.SlimCleanerPlus    C:\Users\Ingo\AppData\Local\slimware utilities inc
PUP.Optional.SofTonicAssistant  C:\Users\Ingo\AppData\LocalLow\Softonic
PUP.Optional.SpyHunter          C:\Program Files\Enigma Software Group
Trojan.Agent                    C:\Users\Ingo\AppData\LocalLow\iac
Trojan.Agent                    C:\Users\Ingo\AppData\Local\iac

***** [ Files ] *****

PUP.Optional.Chip               C:\Users\Ingo\Desktop\..\Downloads\HP USB DISK STORAGE FORMAT TOOL - CHIP-INSTALLER.EXE
PUP.Optional.DriverWhiz         C:\Users\Ingo\Downloads\Driverwhiz.exe
PUP.Optional.Legacy             C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\ghn2jem4.default-1464530730755\searchplugins\yahoo! powered.xml
PUP.Optional.Reimage            C:\Users\Ingo\Downloads\ReimageRepair.exe
PUP.Optional.Reimage            C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic            C:\Windows\System32\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic            C:\Windows\Tasks\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}.job
PUP.Optional.BrowserDefender.AppFlsh C:\Windows\System32\Tasks\BROWSERDEFENDERT
PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINECORE.JOB
PUP.Optional.Legacy             C:\Windows\Tasks\GLOBALUPDATEUPDATETASKMACHINEUA.JOB
PUP.Optional.MyPCBackup         C:\Windows\System32\Tasks\LAUNCHSIGNUP
PUP.Optional.SpyHunter          C:\Windows\System32\Tasks\SPYHUNTER4STARTUP

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\828ad1e639bf42
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3CC190-6008-4F3E-AA0F-6269F630179F} 
PUP.Adware.Heuristic            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64DDC394-2BAB-2409-B5DA-47D6BB12207E}
PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\828ad1e639bf42
PUP.Optional.383Media           HKCU\Software\DriverWhiz
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}
PUP.Optional.BProtect           HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
PUP.Optional.BProtector         HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD1C68F-5246-4DA8-8C5A-9B7E10DF978F}
PUP.Optional.BrowserDefender.AppFlsh HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence          HKCU\Software\Microsoft\Internet Explorer\DOMStorage\de.bytefence.com
PUP.Optional.Carambis           HKCU\Software\Carambis
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91330C53-DE63-4BC4-8C35-5EAD91B07A39}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A855DE02-D950-4F2B-BC82-AC9FC02FBAA5}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6266152-27DB-4638-947-1D2210C5BAC}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD2862F3-E07B-4CB4-BDE0-763EDAF8835A}
PUP.Optional.CrossRider         HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Crossrider
PUP.Optional.CrossRider         HKCU\Software\AppDataLow\Software\Radio Canyon
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47ecbe3c-a45b-485a-82d1-d29fd6a5d1fd}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884d180c-fb47-4b33-9606-2bacd579d272}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95cf6e68-a4d2-4576-8fc4-b01fa5209f32}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e066d9a4-6d8e-472b-bc23-762ae81543f8}
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|Radio Canyon-bg.exe
PUP.Optional.CrossRider         HKLM\Software\Wow6432Node\Radio Canyon
PUP.Optional.DataMngr.AppFlsh   HKCU\Software\DataMngr
PUP.Optional.DataMngr.AppFlsh   HKLM\Software\Wow6432Node\DataMngr
PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKCU\Software\GlobalUpdate
PUP.Optional.Legacy             HKCU\Software\InstalledBrowserExtensions
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1ECCCA78-DB18-4E7A-965E-98E1FFF31CF3}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
PUP.Optional.Legacy             HKCU\Software\Smartbar
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{098D2EC0-DBEE-454B-9E1F-16666DC5116F}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595ADB20-906D-4F23-81A3-7FFE592BB7F9}
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy             HKLM\Software\InstalledBrowserExtensions
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader 64
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\GlobalUpdate
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\InstalledBrowserExtensions
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
PUP.Optional.MindSpark.A        HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277F000C-052F-4F45-8308-0B7705085181}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}
PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin
PUP.Optional.PriceGong          HKCU\Software\AppDataLow\Software\PriceGong
PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP
PUP.Optional.Reimage            HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage            HKCU\Software\Reimage
PUP.Optional.Reimage            HKCU\Software\reimagerepair
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage            HKLM\Software\Reimage
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.SlimCleanerPlus    HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus    HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079B8FB0-4EBB-4589-B6BD-A7929C4FEF52}
PUP.Optional.SpyHunter          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup
PUP.Optional.SpyHunter          HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.SysTweak           HKLM\Software\Wow6432Node\systweak
PUP.Optional.VBatesHelper       HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
PUP.Optional.WebBar             HKCU\Software\AppDataLow\Software\Toolbar

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames          
Preinstalled.ASUSInstantOn      
Preinstalled.ASUSLiveUpdate     
Preinstalled.ASUSProductRegistration 
Preinstalled.ASUSSmartGesture   
Preinstalled.ASUSSplendid       
Preinstalled.ASUSVibe           
Preinstalled.ASUSVirtualCamera  
Preinstalled.ASUSWebStorage     
Preinstalled.CyberLinkLabelPrint 
Preinstalled.HPJumpStartApps    
Preinstalled.LenovoPower2Go     
Preinstalled.PackardBellGamesBundle 
Preinstalled.SamsungSmartSwitch 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-10-2019
# Duration: 00:00:23
# OS:       Windows 10 Home
# Scanned:  35810
# Detected: 45


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames          
Preinstalled.ASUSInstantOn      
Preinstalled.ASUSLiveUpdate     
Preinstalled.ASUSProductRegistration 
Preinstalled.ASUSSmartGesture   
Preinstalled.ASUSSplendid       
Preinstalled.ASUSVibe           
Preinstalled.ASUSVirtualCamera  
Preinstalled.ASUSWebStorage     
Preinstalled.CyberLinkLabelPrint 
Preinstalled.LenovoPower2Go     
Preinstalled.PackardBellGamesBundle 
Preinstalled.SamsungSmartSwitch 


AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         

Code: Alles auswählenAufklappen

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-10-2019
# Duration: 00:00:56
# OS:       Windows 10 Home
# Scanned:  35810
# Detected: 45


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.MyWebSearch        HKLM\Software\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com\Plugin

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames          
Preinstalled.ASUSInstantOn      
Preinstalled.ASUSLiveUpdate     
Preinstalled.ASUSProductRegistration 
Preinstalled.ASUSSmartGesture   
Preinstalled.ASUSSplendid       
Preinstalled.ASUSVibe           
Preinstalled.ASUSVirtualCamera  
Preinstalled.ASUSWebStorage     
Preinstalled.CyberLinkLabelPrint 
Preinstalled.LenovoPower2Go     
Preinstalled.PackardBellGamesBundle 
Preinstalled.SamsungSmartSwitch 


AdwCleaner[S00].txt - [23668 octets] - [09/08/2019 22:43:00]
AdwCleaner[C00].txt - [19816 octets] - [09/08/2019 22:44:18]
AdwCleaner[S01].txt - [1954 octets] - [10/08/2019 10:30:40]
AdwCleaner[C01].txt - [1775 octets] - [10/08/2019 10:32:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
         

habe nochmal gescannt und noch mal alles geschickt

Zitat:

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames
Preinstalled.ASUSInstantOn
Preinstalled.ASUSLiveUpdate
Preinstalled.ASUSProductRegistration
Preinstalled.ASUSSmartGesture
Preinstalled.ASUSSplendid
Preinstalled.ASUSVibe
Preinstalled.ASUSVirtualCamera
Preinstalled.ASUSWebStorage
Preinstalled.CyberLinkLabelPrint
Preinstalled.LenovoPower2Go
Preinstalled.PackardBellGamesBundle
Preinstalled.SamsungSmartSwitch

Diese vorinstallierte Software von ASUS kannst du mal deinstallieren, braucht wirklich niemand sowas.