|   | Schgazbarek | 25.10.2013 20:27 |  
 Es ist mir so peinlich. Da ich aber unter einer ganzer Reihe von Blinden wenigstens als einäugiger Computernutzer gelte, habe ich heute versucht, einer Musikerkollegin mit Ihrer Homepage zu helfen. Diese hatte sich -wie sie sagt- nach und nach aufgelöst, sei "fleckig" geworden und sei jetzt gar nicht mehr sichtbar. 
Sie gab mir ihr Passwort und ich bin mit einem FTP-Program auf ihrem Webspace nachschauen gegangen. Die index.html hatte 0 Bytes aber dafür gab es sehr viele andere html-Dateien, die nur mit mehrstelligen Nummern gekennzeichnet waren. Ich lud zwei davon auf meinen PC um nachzuschauen, was da drauf sei. Gleich, als mich die barbusigen Damen mit allerhand Einladungen und Aufforderungen begrüßten, wusste ich, dass das ein Fehler war.  
Ich habe meine Kiste mit MBAM gescannt und es wurde sogleich ein böser Junge gefunden.  
Hier  die Logdatei:  Code: 
 Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org
 
 Datenbank Version: v2013.10.25.06
 
 Windows 7 Service Pack 1 x86 NTFS
 Internet Explorer 10.0.9200.16721
 Win7 :: WIN7-PC [Administrator]
 
 25.10.2013 20:52:19
 mbam-log-2013-10-25 (20-52-19).txt
 
 Art des Suchlaufs: Quick-Scan
 Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
 Deaktivierte Suchlaufeinstellungen: P2P
 Durchsuchte Objekte: 195700
 Laufzeit: 6 Minute(n), 48 Sekunde(n)
 
 Infizierte Speicherprozesse: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Speichermodule: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Registrierungsschlüssel: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Registrierungswerte: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Dateiobjekte der Registrierung: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Verzeichnisse: 0
 (Keine bösartigen Objekte gefunden)
 
 Infizierte Dateien: 1
 C:\Users\Win7\Downloads\SFInstaller_SFFZ_filezilla_8979715_.exe (PUP.Optional.Spigot.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 
 (Ende)
 Da ich ja schon weiss, was gebraucht wird:  
FRST:  
FRST Logfile:  
FRST Logfile:  
FRST Logfile:   Code: 
 Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-10-2013Ran by Win7 (administrator) on WIN7-PC on 25-10-2013 21:12:58
 Running from C:\Users\Win7\Desktop
 Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
 Internet Explorer Version 10
 Boot Mode: Normal
 
 ==================== Processes (Whitelisted) ===================
 
 (AMD) C:\Windows\system32\atiesrxx.exe
 (AMD) C:\Windows\system32\atieclxx.exe
 (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
 (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
 (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
 (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
 (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
 (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
 (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
 (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
 (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 
 ==================== Registry (Whitelisted) ==================
 
 HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3743344 2011-08-01] (VIA)
 HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
 HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-25] (AVAST Software)
 HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
 
 ==================== Internet (Whitelisted) ====================
 
 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA6DBD5EB2A1CCE01
 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
 SearchScopes: HKLM - DefaultScope value is missing.
 BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
 Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 Handler: AutorunsDisabled - No CLSID Value -
 Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
 FireFox:
 ========
 FF ProfilePath: C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\fwlgc5x7.default
 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
 FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
 FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
 FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
 FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
 FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
 FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
 FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
 FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
 FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
 FF Extension: Flashblock - C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\fwlgc5x7.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
 FF Extension: noscript - C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\fwlgc5x7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
 FF Extension: No Name - C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\fwlgc5x7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
 ========================== Services (Whitelisted) =================
 
 R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-28] (Advanced Micro Devices, Inc.)
 S4 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
 R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-24] (AVAST Software)
 S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [179088 2013-10-24] (AVAST Software)
 R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
 R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
 R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
 S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
 S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]
 
 ==================== Drivers (Whitelisted) ====================
 
 S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [462952 2009-07-16] (AfaTech                  )
 R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
 R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2010-06-29] (Advanced Micro Devices Inc.)
 R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-15] (Advanced Micro Devices)
 R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-15] (Advanced Micro Devices)
 R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
 R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-10-24] (AVAST Software)
 R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-10-24] (AVAST Software)
 R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-10-24] (AVAST Software)
 R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-24] ()
 R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-10-24] (AVAST Software)
 R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-10-24] (AVAST Software)
 R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-10-24] (AVAST Software)
 R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-10-24] ()
 S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [642560 2010-04-02] (AVerMedia TECHNOLOGIES, Inc.)
 R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [44544 2009-08-24] (AzureWave Technologies, Inc.)
 S4 btiaa2dp; C:\Windows\System32\drivers\btiaa2dp.sys [67456 2008-09-16] (iAnywhere Solutions)
 S4 BTiAPan; C:\Windows\System32\DRIVERS\btiapan.sys [30720 2008-09-16] (iAnywhere Solutions)
 S4 btiarcp; C:\Windows\System32\DRIVERS\btiarcp.sys [9216 2008-07-30] (iAnywhere Solutions)
 S4 btiaspp; C:\Windows\System32\DRIVERS\btiaspp.sys [79744 2008-09-16] (iAnywhere Solutions)
 S4 BTIAUSB; C:\Windows\System32\DRIVERS\btiausb.sys [23808 2008-11-14] (iAnywhere Solutions)
 S4 BTPROT; C:\Windows\System32\DRIVERS\btprot.sys [484096 2008-11-14] (iAnywhere Solutions)
 S4 iAnywhere_btAudio; C:\Windows\System32\drivers\btiasco.sys [19712 2008-07-30] (iAnywhere Solutions)
 R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [14848 2010-06-19] (Siliten)
 R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
 S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10.sys [52096 2010-10-01] (Generic USB smartcard reader)
 R3 mod7700; C:\Windows\System32\Drivers\mod7700.sys [914816 2010-11-19] (DiBcom SA)
 R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1810032 2011-07-12] (VIA Technologies, Inc.)
 U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
 S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [x]
 S3 catchme; \??\C:\Users\Win7\AppData\Local\Temp\catchme.sys [x]
 S3 gdrv; \??\C:\Windows\gdrv.sys [x]
 
 ==================== NetSvcs (Whitelisted) ===================
 
 
 ==================== One Month Created Files and Folders ========
 
 2013-10-25 21:12 - 2013-10-25 21:12 - 01088465 _____ (Farbar) C:\Users\Win7\Desktop\FRST.exe
 2013-10-25 21:12 - 2013-10-25 21:12 - 00000000 ____D C:\FRST
 2013-10-25 20:51 - 2013-10-25 20:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
 2013-10-25 20:51 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
 2013-10-25 20:50 - 2013-10-25 20:50 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Win7\Desktop\mbam-setup-1.75.0.1300.exe
 2013-10-25 20:49 - 2013-10-25 20:49 - 02154360 _____ (Malwarebytes Corporation                                    ) C:\Users\Win7\Downloads\mbam-setup-1.75.0.1300(1).exe.part
 2013-10-25 13:13 - 2013-10-25 13:50 - 00000000 ____D C:\Users\Win7\Desktop\bussalb
 2013-10-25 08:48 - 2013-10-25 08:48 - 00000000 ____D C:\Users\Win7\AppData\Roaming\AVAST Software
 2013-10-24 16:03 - 2013-10-24 16:10 - 00259928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
 2013-10-24 16:03 - 2013-10-14 19:41 - 00104752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
 2013-10-24 15:59 - 2013-10-24 16:11 - 00002013 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
 2013-10-22 21:33 - 2013-10-22 21:33 - 00707072 _____ C:\Users\Win7\Downloads\ws_ftple(1).exe
 2013-10-22 21:28 - 2013-10-22 21:38 - 00000000 ____D C:\Users\Win7\Desktop\Homepage
 2013-10-22 21:28 - 2013-10-22 21:28 - 00000811 _____ C:\Users\Win7\Desktop\Nvu.lnk
 2013-10-22 21:28 - 2013-10-22 21:28 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Nvu
 2013-10-22 21:27 - 2013-10-22 21:28 - 00000000 ____D C:\Program Files\Nvu
 2013-10-22 21:25 - 2013-10-22 21:25 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Win7\Downloads\nvu-1.0-win32-installer-de-DE.exe
 2013-10-17 22:16 - 2013-10-17 22:19 - 00000000 ____D C:\Users\Win7\Desktop\stabat demo
 2013-10-13 11:00 - 2013-10-13 13:13 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
 2013-10-11 09:57 - 2013-10-11 09:58 - 18080872 _____ (Adobe Systems Inc.) C:\Users\Win7\Downloads\AdobeAIRInstaller(1).exe
 2013-10-10 11:41 - 2013-09-14 02:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
 2013-10-10 11:41 - 2013-09-08 04:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
 2013-10-10 11:41 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
 2013-10-10 11:41 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
 2013-10-10 09:35 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
 2013-10-10 09:35 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
 2013-10-10 09:35 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
 2013-10-10 09:35 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
 2013-10-10 09:35 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
 2013-10-10 09:32 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
 2013-10-10 09:32 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
 2013-10-10 09:32 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
 2013-10-10 09:32 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
 2013-10-10 09:32 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
 2013-10-10 09:32 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
 2013-10-10 09:32 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
 2013-10-10 09:32 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
 2013-10-10 09:32 - 2013-07-12 12:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
 2013-10-10 09:32 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
 2013-10-10 09:32 - 2013-07-12 12:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
 2013-10-10 09:32 - 2013-07-03 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
 2013-10-10 09:32 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
 2013-10-10 09:32 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
 2013-10-10 09:31 - 2013-08-28 03:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 2013-10-10 09:31 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
 2013-10-10 09:31 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
 2013-10-10 09:31 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
 2013-10-10 09:31 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
 2013-10-10 09:30 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
 2013-10-10 09:30 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
 2013-10-10 09:30 - 2013-09-23 01:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
 2013-10-10 09:30 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
 2013-10-10 09:30 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
 2013-10-10 09:30 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
 2013-10-10 09:30 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
 2013-10-02 20:32 - 2013-10-02 20:34 - 21963912 _____ (Mozilla) C:\Users\Win7\Downloads\Thunderbird Setup 24.0.exe
 2013-10-01 20:47 - 2013-10-01 20:47 - 00000984 _____ C:\Users\Public\Desktop\VLC media player.lnk
 2013-10-01 20:41 - 2013-10-01 20:44 - 24278649 _____ C:\Users\Win7\Downloads\vlc-2.1.0-win32.exe
 2013-10-01 20:41 - 2013-10-01 20:44 - 22131568 _____ (Mozilla) C:\Users\Win7\Downloads\Thunderbird_Setup_24.0.exe
 2013-09-26 21:43 - 2013-09-26 21:44 - 18070536 _____ (Adobe Systems Inc.) C:\Users\Win7\Downloads\AdobeAIRInstaller.exe
 2013-09-26 21:07 - 2013-10-24 16:10 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
 2013-09-26 21:07 - 2013-10-24 16:10 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
 2013-09-26 21:07 - 2013-10-24 16:10 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
 2013-09-26 21:07 - 2013-10-24 16:10 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
 2013-09-26 21:06 - 2013-10-24 16:04 - 00000000 ____D C:\ProgramData\AVAST Software
 2013-09-26 21:06 - 2013-09-26 21:06 - 00000000 ____D C:\Program Files\AVAST Software
 2013-09-26 20:57 - 2013-09-26 21:06 - 131918888 _____ C:\Users\Win7\Desktop\avast_free_antivirus_setup_8.0.1497.376.exe
 2013-09-26 20:55 - 2013-09-26 20:55 - 00227096 _____ C:\Users\Win7\Downloads\avira_registry_cleaner_de.exe
 2013-09-26 15:35 - 2013-09-26 15:37 - 24278649 _____ C:\Users\Win7\Downloads\vlc-2.1.0-win32(1).exe
 2013-09-26 13:27 - 2013-09-26 13:27 - 00001065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
 2013-09-25 21:51 - 2013-09-25 21:51 - 97858179 _____ C:\Windows\system32\ዿ띥᭔b
 
 ==================== One Month Modified Files and Folders =======
 
 2013-10-25 21:12 - 2013-10-25 21:12 - 01088465 _____ (Farbar) C:\Users\Win7\Desktop\FRST.exe
 2013-10-25 21:12 - 2013-10-25 21:12 - 00000000 ____D C:\FRST
 2013-10-25 21:11 - 2012-10-09 23:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
 2013-10-25 21:10 - 2009-07-14 06:34 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 2013-10-25 21:10 - 2009-07-14 06:34 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 2013-10-25 21:07 - 2013-09-23 12:28 - 01549223 _____ C:\Windows\WindowsUpdate.log
 2013-10-25 21:03 - 2012-07-12 11:23 - 00070690 _____ C:\Windows\setupact.log
 2013-10-25 21:03 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
 2013-10-25 21:01 - 2012-08-06 20:24 - 00037342 _____ C:\Windows\PFRO.log
 2013-10-25 20:51 - 2013-10-25 20:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
 2013-10-25 20:50 - 2013-10-25 20:50 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Win7\Desktop\mbam-setup-1.75.0.1300.exe
 2013-10-25 20:49 - 2013-10-25 20:49 - 02154360 _____ (Malwarebytes Corporation                                    ) C:\Users\Win7\Downloads\mbam-setup-1.75.0.1300(1).exe.part
 2013-10-25 13:50 - 2013-10-25 13:13 - 00000000 ____D C:\Users\Win7\Desktop\bussalb
 2013-10-25 08:48 - 2013-10-25 08:48 - 00000000 ____D C:\Users\Win7\AppData\Roaming\AVAST Software
 2013-10-24 20:55 - 2012-08-18 13:18 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
 2013-10-24 16:11 - 2013-10-24 15:59 - 00002013 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
 2013-10-24 16:10 - 2013-10-24 16:03 - 00259928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
 2013-10-24 16:10 - 2013-09-26 21:07 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
 2013-10-24 16:10 - 2013-09-26 21:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
 2013-10-24 16:10 - 2013-09-26 21:07 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
 2013-10-24 16:04 - 2013-09-26 21:06 - 00000000 ____D C:\ProgramData\AVAST Software
 2013-10-24 16:03 - 2009-07-14 04:04 - 00002577 _____ C:\Windows\system32\config.nt
 2013-10-24 11:42 - 2012-03-16 13:40 - 00000000 ____D C:\Users\Win7
 2013-10-22 21:38 - 2013-10-22 21:28 - 00000000 ____D C:\Users\Win7\Desktop\Homepage
 2013-10-22 21:34 - 2012-09-13 22:58 - 00000945 _____ C:\Users\Win7\Desktop\WS_FTP95 LE.lnk
 2013-10-22 21:34 - 2012-09-13 22:58 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP
 2013-10-22 21:34 - 2012-09-13 22:58 - 00000000 ____D C:\Program Files\WS_FTP
 2013-10-22 21:34 - 2009-07-14 04:04 - 00000552 _____ C:\Windows\win.ini
 2013-10-22 21:33 - 2013-10-22 21:33 - 00707072 _____ C:\Users\Win7\Downloads\ws_ftple(1).exe
 2013-10-22 21:28 - 2013-10-22 21:28 - 00000811 _____ C:\Users\Win7\Desktop\Nvu.lnk
 2013-10-22 21:28 - 2013-10-22 21:28 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Nvu
 2013-10-22 21:28 - 2013-10-22 21:27 - 00000000 ____D C:\Program Files\Nvu
 2013-10-22 21:25 - 2013-10-22 21:25 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Win7\Downloads\nvu-1.0-win32-installer-de-DE.exe
 2013-10-21 08:27 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
 2013-10-17 22:19 - 2013-10-17 22:16 - 00000000 ____D C:\Users\Win7\Desktop\stabat demo
 2013-10-16 23:01 - 2013-08-13 14:28 - 00000000 ____D C:\Users\Win7\AppData\Roaming\vlc
 2013-10-15 13:53 - 2010-11-20 23:01 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
 2013-10-14 19:41 - 2013-10-24 16:03 - 00104752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
 2013-10-14 08:41 - 2012-09-24 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
 2013-10-13 13:13 - 2013-10-13 11:00 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
 2013-10-13 10:20 - 2012-03-17 22:53 - 00000000 ____D C:\Users\Win7\AppData\Local\Thunderbird
 2013-10-11 12:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
 2013-10-11 10:01 - 2012-03-19 14:12 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
 2013-10-11 09:58 - 2013-10-11 09:57 - 18080872 _____ (Adobe Systems Inc.) C:\Users\Win7\Downloads\AdobeAIRInstaller(1).exe
 2013-10-10 12:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
 2013-10-10 11:05 - 2009-07-14 06:33 - 00367920 _____ C:\Windows\system32\FNTCACHE.DAT
 2013-10-10 11:03 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
 2013-10-10 10:49 - 2012-03-16 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help
 2013-10-10 09:40 - 2012-03-19 15:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
 2013-10-10 09:39 - 2012-04-08 22:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
 2013-10-10 09:39 - 2012-03-19 14:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
 2013-10-10 09:39 - 2012-03-18 16:36 - 00000000 ____D C:\Users\Win7\AppData\Local\Adobe
 2013-10-10 09:35 - 2013-08-15 09:03 - 00000000 ____D C:\Windows\system32\MRT
 2013-10-10 09:33 - 2012-03-18 18:58 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 2013-10-09 13:27 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 2013-10-08 21:46 - 2012-03-16 13:40 - 00000000 ____D C:\Users\Win7\AppData\Local\VirtualStore
 2013-10-02 20:34 - 2013-10-02 20:32 - 21963912 _____ (Mozilla) C:\Users\Win7\Downloads\Thunderbird Setup 24.0.exe
 2013-10-02 20:34 - 2012-03-18 21:04 - 00001992 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
 2013-10-01 20:47 - 2013-10-01 20:47 - 00000984 _____ C:\Users\Public\Desktop\VLC media player.lnk
 2013-10-01 20:44 - 2013-10-01 20:41 - 24278649 _____ C:\Users\Win7\Downloads\vlc-2.1.0-win32.exe
 2013-10-01 20:44 - 2013-10-01 20:41 - 22131568 _____ (Mozilla) C:\Users\Win7\Downloads\Thunderbird_Setup_24.0.exe
 2013-09-30 20:50 - 2013-07-11 14:42 - 00001251 _____ C:\DelFix.txt
 2013-09-26 21:44 - 2013-09-26 21:43 - 18070536 _____ (Adobe Systems Inc.) C:\Users\Win7\Downloads\AdobeAIRInstaller.exe
 2013-09-26 21:06 - 2013-09-26 21:06 - 00000000 ____D C:\Program Files\AVAST Software
 2013-09-26 21:06 - 2013-09-26 20:57 - 131918888 _____ C:\Users\Win7\Desktop\avast_free_antivirus_setup_8.0.1497.376.exe
 2013-09-26 20:55 - 2013-09-26 20:55 - 00227096 _____ C:\Users\Win7\Downloads\avira_registry_cleaner_de.exe
 2013-09-26 20:53 - 2013-08-05 11:18 - 00000000 ____D C:\ProgramData\Avira
 2013-09-26 20:53 - 2012-03-17 21:59 - 00000000 ____D C:\Program Files\Avira
 2013-09-26 15:37 - 2013-09-26 15:35 - 24278649 _____ C:\Users\Win7\Downloads\vlc-2.1.0-win32(1).exe
 2013-09-26 13:27 - 2013-09-26 13:27 - 00001065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
 2013-09-26 13:27 - 2013-09-24 22:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
 2013-09-26 13:27 - 2012-03-17 21:40 - 00000000 ____D C:\Users\Win7\AppData\Roaming\Mozilla
 2013-09-25 21:51 - 2013-09-25 21:51 - 97858179 _____ C:\Windows\system32\ዿ띥᭔b
 2013-09-25 13:58 - 2013-09-23 12:11 - 00000000 ____D C:\Windows\erdnt
 
 Some content of TEMP:
 ====================
 C:\Users\Win7\AppData\Local\temp\Quarantine.exe
 
 
 ==================== Bamital & volsnap Check =================
 
 C:\Windows\explorer.exe => MD5 is legit
 C:\Windows\System32\winlogon.exe => MD5 is legit
 C:\Windows\System32\wininit.exe => MD5 is legit
 C:\Windows\System32\svchost.exe => MD5 is legit
 C:\Windows\System32\services.exe => MD5 is legit
 C:\Windows\System32\User32.dll => MD5 is legit
 C:\Windows\System32\userinit.exe => MD5 is legit
 C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
 LastRegBack: 2013-10-21 14:44
 
 ==================== End Of Log ============================
 --- --- ---  
--- --- ---  
--- --- ---    
Addition:   Code: 
 Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-10-2013Ran by Win7 at 2013-10-25 21:14:41
 Running from C:\Users\Win7\Desktop
 Boot Mode: Normal
 ==========================================================
 
 
 ==================== Security Center ========================
 
 AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
 AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
 ==================== Installed Programs ======================
 
 Adobe AIR (Version: 3.9.0.1030)
 Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
 Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
 Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
 AMD APP SDK Runtime (Version: 2.5.709.2)
 AMD Catalyst Install Manager (Version: 3.0.838.0)
 AMD Fuel (Version: 2011.0728.1756.30366)
 AMD VISION Engine Control Center (Version: 2011.0728.1756.30366)
 Ashampoo Burning Studio 2013 v.11.0.6 (Version: 11.0.6)
 Ashampoo Burning Studio 6 FREE v.6.81 (Version: 6.8.1)
 Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
 AutoUpdate (Version: 1.1)
 avast! Internet Security (Version: 9.0.2006)
 Catalyst Control Center InstallProxy (Version: 2011.0728.1756.30366)
 Catalyst Control Center Localization All (Version: 2011.0728.1756.30366)
 Catalyst Control Center Profiles Mobile (Version: 2011.0728.1756.30366)
 CCC Help Chinese Standard (Version: 2011.0728.1755.30366)
 CCC Help Chinese Traditional (Version: 2011.0728.1755.30366)
 CCC Help Czech (Version: 2011.0728.1755.30366)
 CCC Help Danish (Version: 2011.0728.1755.30366)
 CCC Help Dutch (Version: 2011.0728.1755.30366)
 CCC Help English (Version: 2011.0728.1755.30366)
 CCC Help Finnish (Version: 2011.0728.1755.30366)
 CCC Help French (Version: 2011.0728.1755.30366)
 CCC Help German (Version: 2011.0728.1755.30366)
 CCC Help Greek (Version: 2011.0728.1755.30366)
 CCC Help Hungarian (Version: 2011.0728.1755.30366)
 CCC Help Italian (Version: 2011.0728.1755.30366)
 CCC Help Japanese (Version: 2011.0728.1755.30366)
 CCC Help Korean (Version: 2011.0728.1755.30366)
 CCC Help Norwegian (Version: 2011.0728.1755.30366)
 CCC Help Polish (Version: 2011.0728.1755.30366)
 CCC Help Portuguese (Version: 2011.0728.1755.30366)
 CCC Help Russian (Version: 2011.0728.1755.30366)
 CCC Help Spanish (Version: 2011.0728.1755.30366)
 CCC Help Swedish (Version: 2011.0728.1755.30366)
 CCC Help Thai (Version: 2011.0728.1755.30366)
 CCC Help Turkish (Version: 2011.0728.1755.30366)
 ccc-utility (Version: 2011.0728.1756.30366)
 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
 Deutsche Post E-Porto (Version: 2.3.0)
 DivX Codec (Version: 6.6.1)
 EPSON BX620FWD Series Handbuch
 EPSON BX620FWD Series Netzwerk-Handbuch
 EPSON BX620FWD Series Printer Uninstall
 Epson FAX Utility (Version: 1.10.00)
 Epson PC-FAX Driver
 EPSON Scan
 EpsonNet Print (Version: 2.4i)
 EpsonNet Setup 3.3 (Version: 3.3a)
 FileZilla Client 3.5.3 (Version: 3.5.3)
 GMX SMS-Manager (Version: 2.7.2)
 GMX SMS-Manager (Version: 2.7.2.6)
 KVB-Erstattungsantrag PC 2.62
 Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
 Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
 Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
 Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
 Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
 Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
 Microsoft Silverlight (Version: 5.1.20913.0)
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
 Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
 Mozilla Firefox 24.0 (x86 de) (Version: 24.0)
 Mozilla Maintenance Service (Version: 24.0.1)
 Mozilla Thunderbird 24.0.1 (x86 de) (Version: 24.0.1)
 Musicnotes Player V1.32.2 and Viewer V1.19.0 (Version: 1.32.2)
 MyTomTom 3.2.0.1116 (Version: 3.2.0.1116)
 Nvu 1.0 (Version: 1.0)
 ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
 PDFCreator (Version: 1.6.2)
 Platform (Version: 1.36)
 Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
 Sibelius Scorch (Firefox, Opera, Netscape only) (Version: 6.2.0)
 Skype™ 6.1 (Version: 6.1.129)
 TVCenter (Version: 6.4.1.858)
 Ubuntu One (Version: 4.1.91)
 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
 Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
 Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
 Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
 Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
 Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
 Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
 Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
 Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
 Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
 Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
 VIA Plattform-Geräte-Manager (Version: 1.36)
 Video Power (Version: 1.0.24)
 Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
 VLC media player 2.1.0 (Version: 2.1.0)
 
 ==================== Restore Points  =========================
 
 30-09-2013 18:50:16 Ende der Bereinigung
 01-10-2013 10:38:58 Windows Update
 08-10-2013 09:28:18 Windows Update
 09-10-2013 12:21:47 Windows Update
 10-10-2013 07:29:33 Windows Update
 10-10-2013 08:47:58 Windows Update
 10-10-2013 11:31:22 Windows Update
 15-10-2013 06:39:42 Windows Update
 18-10-2013 07:02:05 Windows Update
 22-10-2013 07:18:26 Windows Update
 24-10-2013 14:04:29 avast! antivirus system restore point
 25-10-2013 18:54:45 avast! antivirus system restore point
 
 ==================== Hosts content: ==========================
 
 2009-07-14 04:04 - 2013-09-23 12:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 127.0.0.1       localhost
 
 ==================== Scheduled Tasks (whitelisted) =============
 
 Task: {47D71ABE-5EEC-474F-BFF6-F5F2B0C7B45F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
 Task: {8BCAD73C-3CA6-4075-81CF-92EE883A5AF1} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
 Task: {C47E2A1E-3C9E-4060-94B6-963E4AA72DB5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-24] (AVAST Software)
 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
 
 ==================== Loaded Modules (whitelisted) =============
 
 2012-03-16 13:48 - 2011-08-01 05:43 - 00080496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
 2012-03-16 13:48 - 2011-08-01 05:42 - 00113264 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
 2012-03-16 13:48 - 2011-08-01 05:43 - 00623216 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
 2013-10-24 16:10 - 2013-10-24 16:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 2013-09-26 13:27 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
 
 ==================== Alternate Data Streams (whitelisted) =========
 
 
 ==================== Safe Mode (whitelisted) ===================
 
 
 ==================== Faulty Device Manager Devices =============
 
 
 ==================== Event log errors: =========================
 
 Application errors:
 ==================
 Error: (10/25/2013 09:05:30 PM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 08:54:44 PM) (Source: VSS) (User: )
 Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
 .
 Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 
 Vorgang:
 Generatordaten werden gesammelt
 
 Kontext:
 Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
 Generatorname: System Writer
 Generatorinstanz-ID: {22e93bfa-b33c-4516-bc7a-252659597331}
 
 Error: (10/25/2013 01:53:16 PM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 11:01:51 AM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 09:13:36 AM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 08:49:50 AM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/24/2013 04:04:29 PM) (Source: VSS) (User: )
 Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
 .
 Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 
 Vorgang:
 Generatordaten werden gesammelt
 
 Kontext:
 Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
 Generatorname: System Writer
 Generatorinstanz-ID: {fbca639b-23a2-454c-ba97-8f799811102b}
 
 Error: (10/24/2013 11:42:54 AM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/24/2013 09:38:49 AM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/23/2013 09:14:10 PM) (Source: WinMgmt) (User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
 System errors:
 =============
 Error: (10/25/2013 09:03:55 PM) (Source: Service Control Manager) (User: )
 Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
 aswKbd
 
 Error: (10/25/2013 09:02:55 PM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/25/2013 09:01:46 PM) (Source: Service Control Manager) (User: )
 Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
 aswKbd
 
 Error: (10/25/2013 09:00:26 PM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/25/2013 01:50:41 PM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/25/2013 09:17:20 AM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/25/2013 08:51:35 AM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/25/2013 08:48:51 AM) (Source: WMPNetworkSvc) (User: )
 Description: WMPNetworkSvc0x80004005
 
 Error: (10/24/2013 11:21:09 PM) (Source: DCOM) (User: )
 Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 Error: (10/24/2013 04:11:40 PM) (Source: bowser) (User: )
 Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
 der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{0E3E7279-869C-4DAC-819A-F6740884B2-Transport zu sein scheint.
 Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 
 
 Microsoft Office Sessions:
 =========================
 Error: (10/25/2013 09:05:30 PM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 08:54:44 PM) (Source: VSS)(User: )
 Description: 0x80070005, Zugriff verweigert
 
 
 Vorgang:
 Generatordaten werden gesammelt
 
 Kontext:
 Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
 Generatorname: System Writer
 Generatorinstanz-ID: {22e93bfa-b33c-4516-bc7a-252659597331}
 
 Error: (10/25/2013 01:53:16 PM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 11:01:51 AM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 09:13:36 AM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/25/2013 08:49:50 AM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/24/2013 04:04:29 PM) (Source: VSS)(User: )
 Description: 0x80070005, Zugriff verweigert
 
 
 Vorgang:
 Generatordaten werden gesammelt
 
 Kontext:
 Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
 Generatorname: System Writer
 Generatorinstanz-ID: {fbca639b-23a2-454c-ba97-8f799811102b}
 
 Error: (10/24/2013 11:42:54 AM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/24/2013 09:38:49 AM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 Error: (10/23/2013 09:14:10 PM) (Source: WinMgmt)(User: )
 Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
 ==================== Memory info ===========================
 
 Percentage of memory in use: 35%
 Total physical RAM: 3325.41 MB
 Available physical RAM: 2148.27 MB
 Total Pagefile: 6649.12 MB
 Available Pagefile: 5309.05 MB
 Total Virtual: 2047.88 MB
 Available Virtual: 1894.38 MB
 
 ==================== Drives ================================
 
 Drive c: () (Fixed) (Total:244.04 GB) (Free:190.12 GB) NTFS
 Drive d: () (Fixed) (Total:110.81 GB) (Free:109.81 GB) NTFS
 Drive e: (16 Okt 2013) (CDROM) (Total:0.69 GB) (Free:0 GB) UDF
 
 ==================== MBR & Partition Table ==================
 
 ========================================================
 Disk: 0 (Size: 466 GB) (Disk ID: 46188D82)
 Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
 Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
 Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
 Partition 4: (Not Active) - (Size=111 GB) - (Type=05)
 
 ==================== End Of Log ============================
 Vielleicht sollte ich wieder auf Abakus umsteigen......   
Jedenfalls habe ich auf dem Webspace der  Kollegin sämtliche vorhandene Dateien gelöscht, ohns sie noch anzuschauen. Hoffe, das war wenigstens richtig.  
Achso, ganz so doof war ich gar nicht gewesen: bevor ich die htmls auf meinem PC öffnete, hatte ich sie mit Avast überprüft. Ohne Ergebnis....   
Ich hoffe, Du hilfst mir nochmal, das in Ordnung zu bringen. Ich verspreche dafür, dass ich nicht mehr jemandem zu helfen versuche, mit meinem gefährlichen Halbwissen. |