Hallo, ich habe folgendes Problem mit der bitte um schnelle Hilfe. Sobald ich meinen Browser öffne (egal welchen) öffnen sich bei fast jedem Klick neue Tabs mit Werbeinhalten. Auf der Seite selbst wird soviel zusätzlich Werbung eingeblendet, dass die eigentlichen Inhalte nicht mehr zu erkennen sind. Das Einloggen auf Seiten funktioniert auch nicht. Nachdem ich mich mit den richtigen Daten einlogge wird dies bestätigt. Auf der Folgeseite bin ich jedoch trotz Bestätigung nicht eingeloggt.

Anbei folgende Scanergebnisse:
1) defogger_disable.log
2) FRST.txt
3) Addition.txt

GMER habe ich ausgeführt wurde jedochohneErgebnis abgebrochen.

...........................................................
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:44 on 16/01/2015 (Grischa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

.............................................................

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Grischa (administrator) on GRISCHA-PC on 16-01-2015 12:51:56
Running from C:\Users\Grischa\Downloads
Loaded Profiles: Grischa & UpdatusUser (Available profiles: Grischa & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
() C:\Users\Grischa\AppData\Roaming\Windows Open Service\OpenService.exe
() C:\Users\Grischa\AppData\Roaming\VOPackage\VOsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Boost Shopping) C:\Program Files (x86)\Boost\Boost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
() C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
() C:\Program Files (x86)\Cyti Web\updateCytiWeb.exe
() C:\Program Files (x86)\Cyti Web\bin\utilCytiWeb.exe
() C:\Program Files (x86)\Cyti Web\bin\CytiWeb.expext.exe
() C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BrowserAdapter.exe
() C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BrowserAdapter64.exe
() C:\Program Files (x86)\Cyti Web\bin\CytiWeb.PurBrowse64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(HQ CinemaV15.01) C:\Program Files (x86)\HQCinema Pro 2.1V15.01\HQCinema Pro 2.1V15.01-bg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2014-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe [3224576 2015-01-14] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988456 2015-01-13] (YTDownloader)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Run: [{F85C2196-AB3E-5CE1-E94F-D164B8C5EFCF}] => C:\Users\Grischa\AppData\Roaming\Ixiq\yncyk.exe [3743744 2014-12-08] ()
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Run: [Boost] => C:\Program Files (x86)\Boost\Boost.exe [406232 2014-11-19] (Boost Shopping)
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [342472 2014-12-10] ()
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe [3224576 2015-01-14] ()
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988456 2015-01-13] (YTDownloader)
HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\MountPoints2: {e55f52bb-8ec0-11e4-9468-e811328c5f7f} - F:\AutoRun.exe
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [192616 2014-11-11] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50937;https=127.0.0.1:50937
ProxyEnable: [S-1-5-21-4286527983-434588079-836556742-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4286527983-434588079-836556742-1000] => http=127.0.0.1:50937;https=127.0.0.1:50937
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
HKU\S-1-5-21-4286527983-434588079-836556742-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
HKU\S-1-5-21-4286527983-434588079-836556742-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-4286527983-434588079-836556742-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4286527983-434588079-836556742-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4286527983-434588079-836556742-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4286527983-434588079-836556742-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991&q={searchTerms}
BHO: HQCinema Pro 2.1V15.01 -> {11111111-1111-1111-1111-110611901161} -> C:\Program Files (x86)\HQCinema Pro 2.1V15.01\HQCinema Pro 2.1V15.01-bho64.dll (HQ CinemaV15.01)
BHO: Boost -> {2299856A-6506-42E3-A34F-CD35A47C1B19} -> C:\Program Files (x86)\Boost\64Boost.dll (Boost)
BHO: WOwwCouPoNi -> {6ac256d8-ebbe-4a78-b7ad-09af34087e93} -> C:\ProgramData\WOwwCouPoNi\0q2rH7n5QCMCqW.x64.dll ()
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: saveer uboox -> {d3eaca5b-882d-4929-9de7-dceb21d12d2c} -> C:\ProgramData\saveer uboox\eOtGyVm5vLW3VM.x64.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: HQCinema Pro 2.1V15.01 -> {11111111-1111-1111-1111-110611901161} -> C:\Program Files (x86)\HQCinema Pro 2.1V15.01\HQCinema Pro 2.1V15.01-bho.dll (HQ CinemaV15.01)
BHO-x32: Boost -> {2299856A-6506-42E3-A34F-CD35A47C1B19} -> C:\Program Files (x86)\Boost\Boost.dll (Boost)
BHO-x32: WOwwCouPoNi -> {6ac256d8-ebbe-4a78-b7ad-09af34087e93} -> C:\ProgramData\WOwwCouPoNi\0q2rH7n5QCMCqW.dll ()
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO-x32: Cyti Web 1.0.0.6 -> {aa2fac44-d24d-4fed-9e32-397d138365f1} -> C:\Program Files (x86)\Cyti Web\CytiWebbho.dll (Cyti Web)
BHO-x32: saveer uboox -> {d3eaca5b-882d-4929-9de7-dceb21d12d2c} -> C:\ProgramData\saveer uboox\eOtGyVm5vLW3VM.dll ()
BHO-x32: No Name -> {E6D66045-F951-4DBF-962E-993B4FB6A9E0} -> C:\Users\Grischa\AppData\LocalLow\IE-BHO\bho.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1421335132&from=obw&uid=SAMSUNGXHM321HI_S26VJ9AB839991
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\searchplugins\google-maps.xml
FF Extension: WebSec Fox - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\anti@fish-fox.com [2014-12-16]
FF Extension: HQCinema Pro 2.1V15.01 - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com [2015-01-15]
FF Extension: WowwCCoupoon - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\dj@m.com [2015-01-14]
FF Extension: WEB.DE MailCheck - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\toolbar@web.de [2014-12-18]
FF Extension: greatsaviNg - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\zHIc1TT@4hot.org [2015-01-14]
FF Extension: Shopper-Pro - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-01-15]
FF Extension: Boost - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\boost@boost.net.xpi [2014-12-04]
FF Extension: Cliqz Beta - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\cliqz@cliqz.com.xpi [2014-11-17]
FF Extension: Cyti Web 1.0.1 - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\Extensions\{689b5bed-4e9b-4b8b-a673-3c39fb4d2820}.xpi [2015-01-15]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-12-16]
FF HKLM-x32\...\Firefox\Extensions: [sparpilot@sparpilot.com] - C:\Program Files (x86)\SparPilot\sparpilot_8.xpi
FF Extension: SparPilot - Gutscheine &amp; mehr... - C:\Program Files (x86)\SparPilot\sparpilot_8.xpi [2014-12-10]
FF HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Grischa\AppData\Roaming\Mozilla\Firefox\Profiles\6kizxwg4.default\extensions\cliqz@cliqz.com
FF HKU\S-1-5-21-4286527983-434588079-836556742-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 2f086fd2; c:\Program Files (x86)\ProcessMaker\ProcessMaker.dll [2082816 2015-01-12] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-15] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-15] (globalUpdate) [File not signed]
R2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 OpenService; C:\Users\Grischa\AppData\Roaming\Windows Open Service\OpenService.exe [626688 2014-12-09] () [File not signed]
S2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [437704 2014-12-10] ()
R2 servervo; C:\Users\Grischa\AppData\Roaming\VOPackage\VOsrv.exe [133120 2015-01-15] () [File not signed] <==== ATTENTION
R2 Update Cyti Web; C:\Program Files (x86)\Cyti Web\updateCytiWeb.exe [529648 2015-01-16] ()
R2 Util Cyti Web; C:\Program Files (x86)\Cyti Web\bin\utilCytiWeb.exe [529648 2015-01-16] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2015-01-13] (YTDownloader)
R2 SPDRIVER_1472.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.sys [52584 2015-01-14] ()
R1 {689b5bed-4e9b-4b8b-a673-3c39fb4d2820}Gw64; C:\Windows\System32\drivers\{689b5bed-4e9b-4b8b-a673-3c39fb4d2820}Gw64.sys [48784 2015-01-16] (StdLib)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 12:51 - 2015-01-16 12:52 - 00019439 _____ () C:\Users\Grischa\Downloads\FRST.txt
2015-01-16 12:51 - 2015-01-16 12:51 - 02125312 _____ (Farbar) C:\Users\Grischa\Downloads\FRST64.exe
2015-01-16 12:51 - 2015-01-16 12:51 - 00000000 ____D () C:\FRST
2015-01-16 12:44 - 2015-01-16 12:44 - 00000476 _____ () C:\Users\Grischa\Desktop\defogger_disable.log
2015-01-16 12:44 - 2015-01-16 12:44 - 00000000 _____ () C:\Users\Grischa\defogger_reenable
2015-01-16 12:43 - 2015-01-16 12:43 - 00050477 _____ () C:\Users\Grischa\Downloads\Defogger.exe
2015-01-16 12:41 - 2015-01-16 00:42 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{689b5bed-4e9b-4b8b-a673-3c39fb4d2820}Gw64.sys
2015-01-15 16:18 - 2015-01-16 12:32 - 00005498 _____ () C:\Windows\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-11.job
2015-01-15 16:18 - 2015-01-16 12:32 - 00005492 _____ () C:\Windows\Tasks\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11.job
2015-01-15 16:18 - 2015-01-16 12:32 - 00001346 _____ () C:\Windows\Tasks\YVUEUT.job
2015-01-15 16:18 - 2015-01-16 11:46 - 00004376 _____ () C:\Windows\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-4.job
2015-01-15 16:18 - 2015-01-15 16:18 - 02023904 _____ (Sense+) C:\Users\Grischa\AppData\Roaming\YVUEUT.exe
2015-01-15 16:18 - 2015-01-15 16:18 - 00008528 _____ () C:\Windows\System32\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-11
2015-01-15 16:18 - 2015-01-15 16:18 - 00008522 _____ () C:\Windows\System32\Tasks\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11
2015-01-15 16:18 - 2015-01-15 16:18 - 00006508 _____ () C:\Windows\System32\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-4
2015-01-15 16:18 - 2015-01-15 16:18 - 00004380 _____ () C:\Windows\System32\Tasks\YVUEUT
2015-01-15 16:18 - 2015-01-15 16:18 - 00003730 _____ () C:\Windows\System32\Tasks\SMupdate1
2015-01-15 16:18 - 2015-01-15 16:18 - 00003590 _____ () C:\Windows\System32\Tasks\YTDownloader
2015-01-15 16:18 - 2015-01-15 16:18 - 00003580 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2015-01-15 16:18 - 2015-01-15 16:18 - 00001909 _____ () C:\Users\Grischa\Desktop\YTDownloader.lnk
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ____D () C:\Program Files (x86)\Sense
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ____D () C:\Program Files (x86)\Ge-Force
2015-01-15 16:17 - 2015-01-15 16:18 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-01-15 16:17 - 2015-01-15 16:17 - 00004514 _____ () C:\Windows\System32\Tasks\ShopperPro
2015-01-15 16:17 - 2015-01-15 16:17 - 00003500 _____ () C:\Windows\System32\Tasks\SPDriver
2015-01-15 16:17 - 2015-01-15 16:17 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-15 16:16 - 2015-01-16 11:46 - 00000344 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2015-01-15 16:16 - 2015-01-15 16:17 - 00003576 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-01-15 16:16 - 2015-01-15 16:17 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-01-15 16:16 - 2015-01-15 16:17 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2015-01-15 16:16 - 2015-01-15 16:16 - 00301608 _____ (VuuPC Limited) C:\Users\Grischa\AppData\Local\nsy8A8C.tmp
2015-01-15 16:16 - 2015-01-15 16:16 - 00002724 _____ () C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
2015-01-15 16:16 - 2015-01-15 16:16 - 00000860 _____ () C:\Users\Grischa\Desktop\Continue VuuPC Installation.lnk
2015-01-15 16:16 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-15 16:16 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\Grischa\AppData\Local\CrashRpt
2015-01-15 16:16 - 2015-01-15 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2015-01-15 16:16 - 2015-01-15 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-15 16:15 - 2015-01-15 16:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-15 16:14 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\VOPackage
2015-01-15 16:14 - 2015-01-15 16:14 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-01-15 16:13 - 2015-01-15 16:18 - 00000000 ____D () C:\Program Files (x86)\Cyti Web
2015-01-15 16:13 - 2015-01-15 16:13 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1421334798
2015-01-15 16:13 - 2015-01-15 16:13 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-15 16:13 - 2015-01-15 16:13 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-15 16:13 - 2015-01-15 16:13 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\Opera Software
2015-01-15 16:13 - 2015-01-15 16:13 - 00000000 ____D () C:\Users\Grischa\AppData\Local\Opera Software
2015-01-15 16:12 - 2015-01-16 12:32 - 00004500 _____ () C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00003474 _____ () C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-1.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00002452 _____ () C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5_user.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00002452 _____ () C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00002116 _____ () C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00001692 _____ () C:\Windows\Tasks\OEQQKTP.job
2015-01-15 16:12 - 2015-01-16 12:32 - 00001342 _____ () C:\Windows\Tasks\IFEO.job
2015-01-15 16:12 - 2015-01-16 12:31 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-15 16:12 - 2015-01-16 11:51 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-15 16:12 - 2015-01-16 11:46 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-15 16:12 - 2015-01-15 16:18 - 00003904 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-01-15 16:12 - 2015-01-15 16:18 - 00003650 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-01-15 16:12 - 2015-01-15 16:12 - 02023904 _____ (HQ CinemaV15.01) C:\Users\Grischa\AppData\Roaming\OEQQKTP.exe
2015-01-15 16:12 - 2015-01-15 16:12 - 01533408 _____ (HQ CinemaV15.01) C:\Users\Grischa\AppData\Roaming\IFEO.exe
2015-01-15 16:12 - 2015-01-15 16:12 - 00007530 _____ () C:\Windows\System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4
2015-01-15 16:12 - 2015-01-15 16:12 - 00006504 _____ () C:\Windows\System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-1
2015-01-15 16:12 - 2015-01-15 16:12 - 00005482 _____ () C:\Windows\System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5
2015-01-15 16:12 - 2015-01-15 16:12 - 00005146 _____ () C:\Windows\System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2
2015-01-15 16:12 - 2015-01-15 16:12 - 00004726 _____ () C:\Windows\System32\Tasks\OEQQKTP
2015-01-15 16:12 - 2015-01-15 16:12 - 00004376 _____ () C:\Windows\System32\Tasks\IFEO
2015-01-15 16:12 - 2015-01-15 16:12 - 00000000 ____D () C:\Users\Grischa\AppData\Local\globalUpdate
2015-01-15 16:12 - 2015-01-15 16:12 - 00000000 ____D () C:\Users\Grischa\AppData\Local\Boost
2015-01-15 16:12 - 2015-01-15 16:12 - 00000000 ____D () C:\Program Files (x86)\HQCinema Pro 2.1V15.01
2015-01-15 16:12 - 2015-01-15 16:12 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-15 16:12 - 2015-01-15 16:12 - 00000000 ____D () C:\Program Files (x86)\Boost
2015-01-15 16:10 - 2015-01-15 16:10 - 00596464 _____ () C:\Users\Grischa\Downloads\Avira.exe
2015-01-15 16:09 - 2015-01-15 16:09 - 00616976 _____ () C:\Users\Grischa\Downloads\avira-free-antivir(1).exe
2015-01-14 17:14 - 2015-01-14 17:14 - 00000000 ____D () C:\ProgramData\WOwwCouPoNi
2015-01-14 17:14 - 2015-01-14 17:14 - 00000000 ____D () C:\ProgramData\saveer uboox
2015-01-14 17:14 - 2015-01-14 17:14 - 00000000 ____D () C:\ProgramData\8e87820f42580969
2015-01-14 17:02 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:02 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:02 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:02 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 17:02 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 17:02 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:02 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:02 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:02 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 17:01 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 17:01 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 17:01 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 17:01 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-12 19:14 - 2015-01-12 19:14 - 00000000 ____D () C:\Program Files (x86)\ProcessMaker
2015-01-06 19:05 - 2015-01-06 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance
2015-01-06 19:05 - 2015-01-06 19:05 - 00000000 ____D () C:\Program Files (x86)\WaInterEnhance
2014-12-29 18:24 - 2015-01-01 18:26 - 00000000 ____D () C:\Users\Grischa\Desktop\Reisebericht
2014-12-28 19:44 - 2014-12-28 19:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-12-28 19:44 - 2014-12-28 19:44 - 00000000 ____D () C:\ProgramData\Internet Everywhere
2014-12-28 19:44 - 2014-12-28 19:43 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-12-28 19:44 - 2014-12-28 19:43 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-12-28 19:41 - 2015-01-15 16:13 - 00000000 ____D () C:\ProgramData\DatacardService
2014-12-24 13:31 - 2015-01-03 20:16 - 00000000 ____D () C:\Program Files (x86)\DriverDoc
2014-12-24 13:30 - 2014-12-24 13:30 - 03441528 _____ (Solvusoft Corporation ) C:\Users\Grischa\Downloads\Philips_GoGear_RaGa_Treiber_Update_10-2014.exe
2014-12-24 13:27 - 2014-12-24 13:27 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 14:18 - 2015-01-15 16:11 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\tor
2014-12-23 14:18 - 2015-01-06 04:56 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\Goivo
2014-12-23 14:18 - 2014-12-23 14:18 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\Ixiq
2014-12-18 13:24 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:24 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 10:38 - 2014-12-17 10:38 - 00772596 _____ () C:\Users\Grischa\Desktop\Untitled.skb

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 12:44 - 2014-11-11 10:14 - 00000000 ____D () C:\Users\Grischa
2015-01-16 12:41 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-16 12:33 - 2014-11-11 09:59 - 01890191 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 11:53 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 11:53 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 11:51 - 2011-03-19 13:25 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-01-16 11:51 - 2011-03-19 13:25 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-01-16 11:51 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-16 11:46 - 2010-11-21 04:47 - 00005226 _____ () C:\Windows\PFRO.log
2015-01-16 11:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-16 11:46 - 2009-07-14 05:51 - 00045993 _____ () C:\Windows\setupact.log
2015-01-15 16:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 21:40 - 2014-11-11 16:15 - 00000000 ____D () C:\Users\Grischa\Projekte
2015-01-14 16:51 - 2014-11-11 19:05 - 00000287 _____ () C:\Users\Grischa\AppData\Local\VersionChecker_19.xml
2015-01-07 20:18 - 2014-12-16 20:16 - 00000000 ____D () C:\Program Files (x86)\Wajam
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-31 18:11 - 2014-12-09 21:42 - 00000082 _____ () C:\Users\Grischa\Documents\Powers.log
2014-12-26 19:34 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-23 19:23 - 2014-11-17 20:26 - 00000000 ____D () C:\Users\Grischa\AppData\Roaming\vlc
2014-12-17 10:50 - 2014-12-16 22:39 - 00772967 _____ () C:\Users\Grischa\Desktop\Untitled.skp

Some content of TEMP:
====================
C:\Users\Grischa\AppData\Local\Temp\3015.exe
C:\Users\Grischa\AppData\Local\Temp\9139.exe
C:\Users\Grischa\AppData\Local\Temp\bbfcabfccbd.exe
C:\Users\Grischa\AppData\Local\Temp\insHv8.exe
C:\Users\Grischa\AppData\Local\Temp\InstallAX.exe
C:\Users\Grischa\AppData\Local\Temp\optprosetup.exe
C:\Users\Grischa\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 18:01

==================== End Of Log ============================

....................................................................

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Grischa at 2015-01-16 12:53:18
Running from C:\Users\Grischa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{FFB768E4-E427-4553-BC36-A11F5E62A94D}) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Boost (HKLM-x32\...\Boost) (Version: 3.0.0.27 - Boost Shopping)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Cyti Web (HKLM\...\Cyti Web) (Version: 2015.01.15.122341 - Cyti Web) <==== ATTENTION!
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)
Eco Mode (HKLM-x32\...\{9A8E4762-3331-4EDB-8E1F-B11179DDBC00}) (Version: 1.0.0.13 - Samsung Electronics Co., Ltd.)
ETDWare PS/2-X64 10.0.7.2_WHQL (HKLM\...\Elantech) (Version: 10.0.7.2 - ELAN Microelectronic Corp.)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version: 6 - ) <==== ATTENTION
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.36.01.08 - Webar)
HQCinema Pro 2.1V15.01 (HKLM-x32\...\HQCinema Pro 2.1V15.01) (Version: 1.36.01.08 - HQ CinemaV15.01)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
NVIDIA Grafiktreiber 267.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.54 - NVIDIA Corporation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
PC Speed Up (HKLM\...\PCSU-SL_is1) (Version: 3.8.3.0 - Speedchecker Limited) <==== ATTENTION
ProcessMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{2f086fd2}) (Version: - Software Publisher) <==== ATTENTION
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Samsung Control Center (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Samsung Kiera2 Wireless SS 5.40.3671 (HKLM-x32\...\{8FE20896-3147-43FE-A0FA-1DE33D011511}) (Version: 5.40.3671 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.26 - Samsung)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
saveer uboox (HKLM-x32\...\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}) (Version: - "") <==== ATTENTION
Sense (HKLM-x32\...\Sense) (Version: 1.36.01.08 - Sense+) <==== ATTENTION
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) <==== ATTENTION
SketchUp 2013 (HKLM-x32\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Vectorworks 2014 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2014.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.1 - UNKNOWN)
Vectorworks 2014 Hilfe (x32 Version: 1.1 - UNKNOWN) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wajam (HKLM-x32\...\WaInterEnhance) (Version: 2.21.2.31 (i2.6) - WaInterEnhance) <==== ATTENTION
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WOwwCouPoNi (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version: - WowCoupon) <==== ATTENTION
YTDownloader (HKLM-x32\...\YTDownloader) (Version: - YTDownloader) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

03-01-2015 20:17:05 Windows Update
12-01-2015 19:27:49 Windows Update
14-01-2015 23:04:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {092FE357-CA31-438F-84D8-3C2F51D17764} - System32\Tasks\IFEO => C:\Users\Grischa\AppData\Roaming\IFEO.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {0E54B5A6-A496-4902-ABFB-926B860C14DF} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Samsung Control Center\SCCSpeedBoot.exe [2011-05-18] (Samsung Electronics Co., Ltd.)
Task: {12955EA2-F309-42EC-B6FA-7DCC53BDEFBE} - System32\Tasks\OEQQKTP => C:\Users\Grischa\AppData\Roaming\OEQQKTP.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {152CC201-C263-4DF8-AC7C-2DD1844B6CBC} - System32\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-4 => C:\Program Files (x86)\Ge-Force\a58b46bc-4b16-4c41-af42-a8abc664e381-4.exe <==== ATTENTION
Task: {21CE1282-0A15-47F1-9FBE-502C3147BEBB} - System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2 => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {3C85B8F0-5EF4-482B-83CE-D67C82A11DB1} - System32\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-11 => C:\Program Files (x86)\Ge-Force\a58b46bc-4b16-4c41-af42-a8abc664e381-11.exe [2015-01-15] (Webar) <==== ATTENTION
Task: {3EF158AE-11E7-4C3F-996D-2256EBFAC4D7} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe [2015-01-14] (Goobzo) <==== ATTENTION
Task: {47B95C51-3A60-49A7-834C-FE2777B7CF39} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {47C5B412-2805-4964-BA9F-49050DBDC6DC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Samsung Control Center\EBM\EasyBatteryMgr4.exe [2011-05-09] (SAMSUNG Electronics co., LTD.)
Task: {4F26EC18-F86F-4E48-9B9A-6F6134936A29} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2015-01-13] (Goobzo) <==== ATTENTION
Task: {5536002C-E940-426F-8915-023A6411D288} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe [2011-02-17] (Samsung Electronics Co., Ltd.)
Task: {57EC4F0F-8052-4EB0-BED0-4CFC28A9FBAB} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {5D14FCDA-0AF2-4020-863A-EE9618F4CEDE} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {60A355AC-291B-4C58-9F97-326F4CB306C9} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2014-12-10] () <==== ATTENTION
Task: {61B6CC63-8FFE-4DAC-8D75-DA267F7C4495} - System32\Tasks\{B03B5460-EC31-4963-ADB0-988997F79436} => pcalua.exe -a "C:\Windows 7 Premium 64 bit Samsung Software + Treiber\QCA_WLAN_Driver_1.0.0.1\setup.exe" -d "C:\Windows 7 Premium 64 bit Samsung Software + Treiber\QCA_WLAN_Driver_1.0.0.1"
Task: {6442FC64-2AD5-4478-89B8-3AA8253E29D2} - System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5_user => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {6B4025B1-733D-4440-81AA-7C6678880D42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6D473C75-445F-4471-8A8A-FAE0232FB9AA} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {70D2484B-A7F1-4479-B014-F841E892A73B} - System32\Tasks\EcoMode => C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe [2011-08-25] (Samsung Electronics)
Task: {73A9E62F-228C-4D5F-A71F-45A35505EE2A} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe [2011-06-04] (Samsung Electronics Co., Ltd.)
Task: {7A511004-30E0-4BE5-BBD5-369A97CA024C} - System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4 => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {7FE5E99F-6392-4B49-B5BF-5E1AECD812E5} - System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-1 => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\HQCinema Pro 2.1V15.01-codedownloader.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {8D2F2ADE-4398-4245-86B7-EC63380ACE47} - System32\Tasks\YVUEUT => C:\Users\Grischa\AppData\Roaming\YVUEUT.exe [2015-01-15] (Sense+) <==== ATTENTION
Task: {9C40B13A-879E-4486-A00A-0F2B0D1BB5A7} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {A402C7CE-0C7F-4723-A05E-202C4671EAEA} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-15] (globalUpdate) <==== ATTENTION
Task: {B2AE165D-43EC-44F9-B901-7E893566E3FB} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-15] (globalUpdate) <==== ATTENTION
Task: {C3A40A15-BBEF-4434-B1F1-D49A3C7F83B3} - System32\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5 => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.exe [2015-01-15] (HQ CinemaV15.01) <==== ATTENTION
Task: {D677E079-0A79-4840-99FA-EAABE4E74895} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {D74FC41E-794B-4AF6-AC6C-63A99E28F869} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-04-17] (SAMSUNG Electronics)
Task: {DD5EC510-C671-4535-8326-8364D692D583} - System32\Tasks\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11 => C:\Program Files (x86)\Sense\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11.exe [2015-01-15] (Sense+) <==== ATTENTION
Task: {E2DD2C42-5830-40E7-8813-06230D791712} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {E8491958-CC11-40B5-8407-F1EF7227C2F4} - System32\Tasks\Opera scheduled Autoupdate 1421334798 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-16] (Opera Software)
Task: {EDED96A1-3406-4DBD-A881-477A7E3DB88C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe [2015-01-14] (Goobzo LTD) <==== ATTENTION
Task: {F8EB638E-AC7A-43ED-A5A5-DC8BBBDD6DF3} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe [2015-01-14] () <==== ATTENTION
Task: {FAF2E20C-2C22-4D69-82BE-C375F5A1DC5B} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2015-01-13] (YTDownloader) <==== ATTENTION
Task: C:\Windows\Tasks\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11.job => C:\Program Files (x86)\Sense\57ba65e8-ebe5-4c58-816d-5e84e1d6239f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-11.job => C:\Program Files (x86)\Ge-Force\a58b46bc-4b16-4c41-af42-a8abc664e381-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a58b46bc-4b16-4c41-af42-a8abc664e381-4.job => C:\Program Files (x86)\Ge-Force\a58b46bc-4b16-4c41-af42-a8abc664e381-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-1.job => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\HQCinema Pro 2.1V15.01-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2.job => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4.job => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.job => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5_user.job => C:\Program Files (x86)\HQCinema Pro 2.1V15.01\c4957534-e2b3-4172-b0aa-2d07dcd4ec57-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\IFEO.job => C:\Users\Grischa\AppData\Roaming\IFEO.exe <==== ATTENTION
Task: C:\Windows\Tasks\OEQQKTP.job => C:\Users\Grischa\AppData\Roaming\OEQQKTP.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ATTENTION
Task: C:\Windows\Tasks\YVUEUT.job => C:\Users\Grischa\AppData\Roaming\YVUEUT.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2015-01-05 16:39 - 2015-01-05 16:39 - 00312320 _____ () C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
2014-12-16 20:15 - 2014-12-09 08:17 - 00626688 _____ () C:\Users\Grischa\AppData\Roaming\Windows Open Service\OpenService.exe
2015-01-15 16:16 - 2015-01-15 16:16 - 00133120 _____ () C:\Users\Grischa\AppData\Roaming\VOPackage\VOsrv.exe
2015-01-05 16:39 - 2015-01-05 16:39 - 00083456 _____ () C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe
2015-01-15 16:16 - 2014-12-10 16:04 - 00342472 _____ () C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
2012-01-10 13:12 - 2014-11-11 10:41 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-01-15 13:28 - 2015-01-16 12:37 - 00529648 _____ () C:\Program Files (x86)\Cyti Web\updateCytiWeb.exe
2015-01-15 16:18 - 2015-01-16 12:40 - 00529648 _____ () C:\Program Files (x86)\Cyti Web\bin\utilCytiWeb.exe
2015-01-16 12:41 - 2015-01-16 00:49 - 00101616 _____ () C:\Program Files (x86)\Cyti Web\bin\CytiWeb.expext.exe
2015-01-16 12:41 - 2015-01-16 09:41 - 00104176 _____ () C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BrowserAdapter.exe
2015-01-16 12:41 - 2015-01-16 09:41 - 00121584 _____ () C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BrowserAdapter64.exe
2015-01-16 12:41 - 2015-01-16 00:42 - 00353008 _____ () C:\Program Files (x86)\Cyti Web\bin\CytiWeb.PurBrowse64.exe
2015-01-12 19:14 - 2015-01-12 19:14 - 02082816 _____ () c:\Program Files (x86)\ProcessMaker\ProcessMaker.dll
2014-12-16 20:15 - 2014-12-16 20:15 - 00374272 _____ () C:\Users\Grischa\AppData\Roaming\Windows Open Service\sub\default.dll
2014-11-13 18:49 - 2014-11-13 18:49 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2014-11-11 11:15 - 2011-02-18 08:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-11 15:18 - 2014-11-11 10:40 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-11-11 11:45 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\WinCRT.dll
2015-01-15 16:16 - 2014-12-10 16:04 - 00583712 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2015-01-15 16:16 - 2014-12-10 16:04 - 00440776 _____ () C:\Program Files (x86)\PC Speed Up\PopupNotification.dll
2014-11-11 11:45 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\HookDllPS2.dll
2015-01-16 12:41 - 2015-01-16 00:49 - 00082160 _____ () C:\Program Files (x86)\Cyti Web\bin\CytiWeb.expextdll.dll
2015-01-14 17:14 - 2015-01-14 17:14 - 00566272 _____ () C:\ProgramData\WOwwCouPoNi\0q2rH7n5QCMCqW.dll
2015-01-14 17:14 - 2015-01-14 17:14 - 00566272 _____ () C:\ProgramData\saveer uboox\eOtGyVm5vLW3VM.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4286527983-434588079-836556742-500 - Administrator - Disabled)
Gast (S-1-5-21-4286527983-434588079-836556742-501 - Limited - Disabled)
Grischa (S-1-5-21-4286527983-434588079-836556742-1000 - Administrator - Enabled) => C:\Users\Grischa
HomeGroupUser$ (S-1-5-21-4286527983-434588079-836556742-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-4286527983-434588079-836556742-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2015 00:37:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jsdrv.exe, Version: 1472.0.0.0, Zeitstempel: 0x54b6b14a
Name des fehlerhaften Moduls: jsdrv.exe, Version: 1472.0.0.0, Zeitstempel: 0x54b6b14a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0011149f
ID des fehlerhaften Prozesses: 0x530
Startzeit der fehlerhaften Anwendung: 0xjsdrv.exe0
Pfad der fehlerhaften Anwendung: jsdrv.exe1
Pfad des fehlerhaften Moduls: jsdrv.exe2
Berichtskennung: jsdrv.exe3

Error: (01/16/2015 00:32:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 4.0.60310.0, Zeitstempel: 0x4d786814
Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60310.0, Zeitstempel: 0x4d786298
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000bf68
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (01/16/2015 11:48:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (01/15/2015 04:18:47 PM) (Source: MsiInstaller) (EventID: 11309) (User: Grischa-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (01/15/2015 04:17:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1024
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/15/2015 04:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 4.0.60310.0, Zeitstempel: 0x4d786814
Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60310.0, Zeitstempel: 0x4d786298
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00001463
ID des fehlerhaften Prozesses: 0x15b4
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (01/15/2015 04:12:19 PM) (Source: MsiInstaller) (EventID: 11309) (User: Grischa-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.


System errors:
=============
Error: (01/16/2015 00:46:32 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/16/2015 00:46:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (01/16/2015 11:46:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/16/2015 11:46:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Registry Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/16/2015 11:46:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (01/16/2015 11:46:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Speed Up Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/16/2015 11:46:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PC Speed Up Service erreicht.

Error: (01/16/2015 11:46:10 AM) (Source: volmgr) (EventID: 49) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (01/15/2015 03:41:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (01/16/2015 00:37:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jsdrv.exe1472.0.0.054b6b14ajsdrv.exe1472.0.0.054b6b14ac00000050011149f53001d031800f74be83C:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exeC:\Program Files (x86)\ShopperPro\JSDriver\1472.0.0.0\jsdrv.exe1c69ca79-9d74-11e4-8c30-dca97118f5d2

Error: (01/16/2015 00:32:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe4.0.60310.04d786814coreclr.dll4.0.60310.04d786298c00000fd0000bf68116001d03180112d3530C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exeC:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\coreclr.dll56134d46-9d73-11e4-8c30-dca97118f5d2

Error: (01/16/2015 11:48:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900

Error: (01/16/2015 11:46:30 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900

Error: (01/15/2015 04:18:47 PM) (Source: MsiInstaller) (EventID: 11309) (User: Grischa-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/15/2015 04:17:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425102401d030d6147fa432C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll90ca0719-9cc9-11e4-902b-dca97118f5d2

Error: (01/15/2015 04:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe4.0.60310.04d786814coreclr.dll4.0.60310.04d786298c00000fd0000146315b401d030d6402cd1cdC:\Program Files (x86)\Microsoft Silverlight\sllauncher.exeC:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\coreclr.dll81f67e12-9cc9-11e4-902b-dca97118f5d2

Error: (01/15/2015 04:12:19 PM) (Source: MsiInstaller) (EventID: 11309) (User: Grischa-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 66%
Total physical RAM: 4009.55 MB
Available physical RAM: 1359.98 MB
Total Pagefile: 8317.28 MB
Available Pagefile: 5103.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.01 GB) (Free:53.87 GB) NTFS
Drive d: () (Fixed) (Total:163.77 GB) (Free:158.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: CEA5D4BA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=163.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=24.2 GB) - (Type=27)

==================== End Of Log ============================

Danke im Vorraus!

Zitat:

Zitat von drohjaner82

Sobald ich meinen Browser öffne (egal welchen) öffnen sich bei fast jedem Klick neue Tabs mit Werbeinhalten.

Kein Wunder...



Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

• Bitte arbeite alle Schritte der Reihe nach ab.
• Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
• Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
• Bitte kein Crossposting (posten in mehreren Foren).
• Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
• Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
• Poste die Logfiles direkt in Deinen Thread in Code-Tags.
• Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:


Schritt 1

Bitte deinstalliere folgende Programme:

Cyti Web
Foxy Secure
PC Speed Up
ProcessMaker
Remote Desktop Access
saveer uboox
Sense
Shopper-Pro
Wajam
WOwwCouPoNi
YTDownloader


Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung

• Starte die Revouninstaller.exe
• Klicke auf Optionen und wähle als Sprache Deutsch.
• Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
  Klicke jedes Mal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.