Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Helga Seemannn (Administrator) auf HELGA (14-11-2015 13:10:03)
Gestartet von C:\Users\Helga Seemannn\Desktop
Geladene Profile: Helga Seemannn (Verfügbare Profile: Helga Seemannn & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Stefan Moka) C:\Launcher31B19\Launcher.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [981888 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-06-01] (Intel(R) Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [285608 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA)
HKLM-x32\...\Run: [TOSDCR] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe [169296 2007-08-28] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoStrCmpLogical] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Run: [Quickstart - Toolbar] => C:\Launcher31B19\Launcher.exe [260096 2008-04-01] (Stefan Moka)
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Run: [Hoffnung fuer heute] => C:\Program Files (x86)\ComBib\Hoffnung fuer heute\Hoffnung fuer heute.exe [2568192 2013-12-02] (combib)
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Run: [GoogleChromeAutoLaunch_E7AB2F37F5105CE78BDE76BDD71ECAE2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [58632 2015-09-15] (Lamantine Software a.s.)
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PAUSEN~1.SCR
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helga Seemannn\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\Users\Helga Seemannn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hoffnung fuer heute.LNK [2015-04-28]
ShortcutTarget: Hoffnung fuer heute.LNK -> C:\Program Files (x86)\ComBib\Hoffnung fuer heute\Hoffnung fuer heute.exe (combib)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5EB5ED0D-7BAC-43FF-9CC1-639D4FA0B3D6}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{FEB75C66-8A22-4778-9161-C8C8FC7065C3}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {99D331A2-3627-4636-B765-B46E28C10000} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 -> {99D331A2-3627-4636-B765-B46E28C10000} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKU\.DEFAULT -> DefaultScope {99D331A2-3627-4636-B765-B46E28C10000} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKU\.DEFAULT -> {02CBF00E-9559-4228-8B44-6575305FEAA1} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {06CAC8AE-5BA1-4068-AE90-21ABF6316F8F} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\.DEFAULT -> {7C78C194-882E-4238-B0B4-053AC4247E84} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\.DEFAULT -> {99D331A2-3627-4636-B765-B46E28C10000} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKU\.DEFAULT -> {E36AD100-A53E-400E-9E96-92DD0BCAC721} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4063226719-3667356119-3298405193-1001 -> DefaultScope {BA8305C6-E5BD-4C89-8B52-89AAECF54711} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-4063226719-3667356119-3298405193-1001 -> {710D5225-9A3C-4F7E-AA5B-C1EC23D3F7D9} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-4063226719-3667356119-3298405193-1001 -> {BA8305C6-E5BD-4C89-8B52-89AAECF54711} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-4063226719-3667356119-3298405193-1001 -> {D7F9BFA8-EF0F-42A3-B22A-3E5690EEE526} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4063226719-3667356119-3298405193-1001 -> {F5207CDB-088F-4996-B238-122B8E910E75} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-10] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-10] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-10] (AO Kaspersky Lab)
BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\SysWow64\ieconfig_1und1.dll [2014-05-31] (mquadr.at software engineering und consulting GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-10] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-10] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-10] (AO Kaspersky Lab)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 -> C:\windows\system32\npdeployJava1.dll [2012-09-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120328-0404 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-10] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-01-21] ()
FF Plugin HKU\S-1-5-21-4063226719-3667356119-3298405193-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Helga Seemannn\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-4063226719-3667356119-3298405193-1001: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2015-09-15] (Lamantine Software a.s.)
FF Plugin ProgramFiles/Appdata: C:\Users\Helga Seemannn\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-10-26] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\searchplugins\englische-ergebnisse.xml [2013-02-11]
FF SearchPlugin: C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\searchplugins\gmx-suche.xml [2013-02-11]
FF SearchPlugin: C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\searchplugins\lastminute.xml [2013-02-11]
FF SearchPlugin: C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\searchplugins\webde-suche.xml [2013-02-11]
FF Extension: DictionarySearch - C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\Extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}.xpi [2015-06-20] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Helga Seemannn\AppData\Roaming\Mozilla\Firefox\Profiles\90rc9n7r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-04] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-11-10] [ist nicht signiert]
FF HKU\S-1-5-21-4063226719-3667356119-3298405193-1001\...\Thunderbird\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Helga Seemannn\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Helga Seemannn\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2015-10-04] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden]
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR Profile: C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-25]
CHR Extension: (Google Drive) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-08-06]
CHR Extension: (YouTube) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Kaspersky Protection) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-26]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2015-11-11]
CHR Extension: (SiteAdvisor) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-03]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggepjhbdgijjkbelnggboeoehacbphed [2015-06-02]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-02-25]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-25]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2015-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (ImTranslator: Übersetzer, Wörterbuch, Sprach) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2015-11-11]
CHR Extension: (Jewels HD) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmonmpnlegnelddekgpmmhileohhpma [2015-02-25]
CHR Extension: (Google Mail) - C:\Users\Helga Seemannn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-08-25]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-26] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-07-16] (Foxit Software Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S2 MBAMService; C:\Users\Helga Seemannn\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-06-01] ()
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2015-01-30] () [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2014-05-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2014-12-05] (Motorola Solutions, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [34840 2013-08-29] (Connectify)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-10] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-11-10] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-11-10] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-04-15] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-08-13] (Intel Corporation)
R1 RawDisk3; C:\windows\system32\drivers\rawdsk3.sys [32912 2014-07-13] (EldoS Corporation)
R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-12-29] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\HELGAS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 DfSdkS; kein ImagePath
U3 JavaQuickStarterService; kein ImagePath
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-13 21:28 - 2015-11-13 21:28 - 00001215 _____ C:\Users\Helga Seemannn\Desktop\Protokoll 13nov2015.txt
2015-11-13 21:19 - 2015-11-13 21:19 - 00002282 _____ C:\Users\Helga Seemannn\Desktop\anti malware ergebnis.txt
2015-11-13 20:52 - 2015-11-13 20:52 - 00000790 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-13 20:52 - 2015-11-13 20:52 - 00000000 ____D C:\Users\Helga Seemannn\Desktop\ Malwarebytes Anti-Malware
2015-11-13 20:48 - 2015-11-13 20:50 - 22908888 _____ (Malwarebytes ) C:\Users\Helga Seemannn\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-13 20:41 - 2015-11-13 20:41 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-13 20:35 - 2015-11-13 20:35 - 00011778 _____ C:\Users\Helga Seemannn\Desktop\AdwCleaner[S1].txt
2015-11-13 20:30 - 2015-11-13 20:41 - 00000000 ____D C:\AdwCleaner
2015-11-13 20:27 - 2015-11-13 20:27 - 01729536 _____ C:\Users\Helga Seemannn\Desktop\AdwCleaner_5.020.exe
2015-11-13 19:40 - 2015-11-13 21:32 - 00062985 _____ C:\Users\Helga Seemannn\Desktop\Addition.txt
2015-11-13 19:39 - 2015-11-14 13:10 - 00034240 _____ C:\Users\Helga Seemannn\Desktop\FRST.txt
2015-11-13 19:39 - 2015-11-14 13:10 - 00000000 ____D C:\FRST
2015-11-13 19:37 - 2015-11-13 19:37 - 02198528 _____ (Farbar) C:\Users\Helga Seemannn\Desktop\FRST64.exe
2015-11-11 19:44 - 2015-11-11 19:44 - 00001103 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2015-11-11 19:44 - 2015-11-11 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2015-11-11 03:17 - 2015-11-11 03:18 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Local\{9AF87157-8097-4F92-97F4-74B677C1F69F}
2015-11-10 12:19 - 2015-11-10 12:19 - 00498160 _____ (Intel Corporation) C:\windows\system32\Drivers\e1c62x64.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-14 13:10 - 2014-03-26 06:58 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Helga Seemannn)
2015-11-14 13:09 - 2015-02-25 18:35 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 13:09 - 2014-09-01 11:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-14 13:09 - 2013-06-22 07:18 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Local\HTC MediaHub
2015-11-14 13:08 - 2015-07-28 10:39 - 01752991 _____ C:\windows\WindowsUpdate.log
2015-11-14 13:08 - 2015-07-25 08:06 - 00004456 _____ C:\windows\PFRO.log
2015-11-14 13:08 - 2015-07-10 10:48 - 00014056 _____ C:\windows\setupact.log
2015-11-14 13:08 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-14 13:08 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 13:08 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 13:02 - 2012-09-26 14:15 - 00000000 ____D C:\Users\Helga Seemannn\AppData\LocalLow\Temp
2015-11-14 12:53 - 2015-06-19 21:18 - 00000712 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-4063226719-3667356119-3298405193-1001.job
2015-11-14 12:53 - 2015-06-09 17:52 - 00000616 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4063226719-3667356119-3298405193-1001.job
2015-11-14 12:53 - 2015-02-25 18:35 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-14 12:53 - 2012-07-22 05:37 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-13 21:44 - 2013-12-26 10:56 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Roaming\XYplorer
2015-11-13 21:44 - 2012-01-22 09:19 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Roaming\Thunderbird
2015-11-13 21:26 - 2011-02-11 09:21 - 20468582 _____ C:\windows\system32\perfh007.dat
2015-11-13 21:26 - 2011-02-11 09:21 - 06584434 _____ C:\windows\system32\perfc007.dat
2015-11-13 21:26 - 2009-07-14 06:13 - 00006268 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-13 21:25 - 2015-05-30 07:26 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-13 20:52 - 2015-05-30 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-13 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-11-12 09:49 - 2014-03-20 08:44 - 00000000 ___SD C:\Users\Helga Seemannn\Documents\Sticky Passwords
2015-11-11 20:21 - 2012-01-20 22:07 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Roaming\Skype
2015-11-11 19:44 - 2014-03-20 08:44 - 00000000 ____D C:\Program Files (x86)\Sticky Password
2015-11-11 18:58 - 2012-03-12 20:36 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Roaming\Simple Sudoku
2015-11-11 15:53 - 2015-06-19 21:18 - 00003750 _____ C:\windows\System32\Tasks\G2MUploadTask-S-1-5-21-4063226719-3667356119-3298405193-1001
2015-11-11 15:53 - 2015-06-09 17:52 - 00003654 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4063226719-3667356119-3298405193-1001
2015-11-11 15:52 - 2012-07-22 05:37 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 15:52 - 2012-04-04 18:46 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 15:52 - 2012-01-22 14:17 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 12:10 - 2015-10-13 09:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-11 10:35 - 2011-10-16 21:51 - 00000000 ____D C:\ProgramData\Skype
2015-11-11 05:11 - 2012-01-26 22:01 - 00000000 ____D C:\Users\Helga Seemannn\AppData\Local\Windows Live
2015-11-10 12:39 - 2015-06-30 00:05 - 00940936 _____ (AO Kaspersky Lab) C:\windows\system32\Drivers\klif.sys
2015-11-10 12:39 - 2015-06-30 00:05 - 00181640 _____ (AO Kaspersky Lab) C:\windows\system32\Drivers\klflt.sys
2015-11-10 12:31 - 2015-06-08 09:53 - 00002157 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-11-10 12:29 - 2015-07-04 01:18 - 00227000 _____ (AO Kaspersky Lab) C:\windows\system32\Drivers\klhk.sys
2015-11-10 12:27 - 2015-08-27 06:27 - 00000000 ____D C:\Users\Helga Seemannn\.oracle_jre_usage
2015-11-10 12:27 - 2015-03-03 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-10 12:27 - 2013-12-26 10:07 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-10 12:27 - 2013-12-26 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-10 12:26 - 2012-01-22 13:15 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-10 12:12 - 2014-11-21 08:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-10 12:11 - 2014-02-11 15:10 - 00000000 ____D C:\ProgramData\ProductData
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-01-23 15:56 - 2012-09-29 11:37 - 0000377 _____ () C:\Users\Helga Seemannn\AppData\Roaming\burnaware.ini
2012-03-16 19:55 - 2013-03-14 08:30 - 0001955 _____ () C:\Users\Helga Seemannn\AppData\Roaming\SAS7_000.DAT
2014-09-01 09:18 - 2015-03-05 07:21 - 0000329 _____ () C:\Users\Helga Seemannn\AppData\Roaming\TIUQO
2014-09-01 09:18 - 2015-03-05 07:21 - 0000329 _____ () C:\Users\Helga Seemannn\AppData\Roaming\TNNS
2013-09-27 09:09 - 2013-09-27 09:09 - 0000094 _____ () C:\Users\Helga Seemannn\AppData\Roaming\WB.CFG
2013-09-27 09:09 - 2013-09-27 09:09 - 0000005 _____ () C:\Users\Helga Seemannn\AppData\Roaming\WBPU-TTL.DAT
2012-01-26 22:14 - 2013-08-18 13:37 - 0018944 _____ () C:\Users\Helga Seemannn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-23 18:52 - 2012-01-23 18:52 - 0000058 _____ () C:\Users\Helga Seemannn\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2012-01-24 10:58 - 2012-01-24 10:58 - 0002247 _____ () C:\Users\Helga Seemannn\AppData\Local\FastClean.20120124.105811.txt
2012-08-25 10:12 - 2012-08-25 10:12 - 0002269 _____ () C:\Users\Helga Seemannn\AppData\Local\FastClean.20120825.111256.txt
2012-12-15 08:20 - 2012-12-15 08:20 - 0000036 _____ () C:\Users\Helga Seemannn\AppData\Local\housecall.guid.cache
2012-01-21 12:46 - 2012-06-06 09:01 - 0007598 _____ () C:\Users\Helga Seemannn\AppData\Local\resmon.resmoncfg
2013-05-15 07:25 - 2013-05-15 07:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-01-22 13:21 - 2012-01-30 08:02 - 0000219 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Helga Seemannn\cm_setup.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-10 13:37
==================== Ende von FRST.txt ============================