FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2014
Ran by Jasmin (administrator) on JASMIN-PC on 29-04-2014 10:43:56
Running from C:\Users\Jasmin\Downloads
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\system32\brsvc01a.exe
(brother Industries Ltd) C:\Windows\system32\brss01a.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Windows\System32\jureg.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Funkwerk Enterprise Communications GmbH) C:\Program Files\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
(JTL-Software-GmbH) C:\Program Files\JTL-Software\JTL-wawi.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(JTL-Software-GmbH) C:\Program Files\JTL-Software\JTL-wawi.exe
(TeamViewer GmbH) c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\tv_w32.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4669440 2007-07-06] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54680 2009-02-28] (Sun Microsystems, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2004-03-09] (ScanSoft, Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [357376 2008-07-22] (shbox.de)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13539872 2008-05-22] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-05-22] (NVIDIA Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-24] (AVAST Software)
HKU\S-1-5-21-3369885131-2479379214-1242257067-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk
ShortcutTarget: Control Center.lnk -> C:\Program Files\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {6A4AF7F9-BACF-4CCE-B8DD-5D594ACFE3FD} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie7chrome
SearchScopes: HKCU - {4736ECB3-E860-4FD0-9B65-204F32B48712} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {A243734D-0F97-4006-A1FE-4773A31A315C} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {A7FC913E-53C2-488F-B66D-1AE1901CE3BF} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {AB01892A-4DDF-4D2E-8567-77A58637E3FA} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
SearchScopes: HKCU - {C05C4C38-5B4B-4AD5-BD8E-34DFC416045C} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {CDCCBDFC-7C30-4EF6-84A0-0E002D94F97F} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.250
FireFox:
========
FF ProfilePath: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.2: 1und1 Suche
FF SearchEngineOrder.3: amazon.de
FF SearchEngineOrder.4: WEB.DE Suche
FF Homepage: hxxp://www.tesi-golf.de/jtlshop/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default\searchplugins\1und1-suche.xml
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\jhrgq5se.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27]
FF Extension: Update Notifier - C:\Program Files\Mozilla Firefox\extensions\{95f24680-9e31-11da-a746-0800200c9a66} [2014-04-08]
FF Extension: WEB.DE Firefox Addon - C:\Program Files\Mozilla Firefox\extensions\{a82d0125-000a-4a57-abbc-5d4b0dbaab54} [2014-04-08]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-08]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-08]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-03]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.tesi-golf.de/"
CHR Extension: (Google Docs) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]
CHR Extension: (Google Drive) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]
CHR Extension: (YouTube) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Google-Suche) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]
CHR Extension: (avast! Online Security) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-03]
CHR Extension: (Google Wallet) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Google Mail) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-24]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [255864 2012-02-02] (AVM Berlin)
R2 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [122232 2011-10-31] (AVM Berlin)
S4 DynDNS Updater; C:\Program Files\DynDNS Updater\DynUpSvc.exe [99704 2009-09-28] (Dynamic Network Services, Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [61440 2007-05-24] (Hewlett-Packard)
R2 MSSQL$JTLWAWI; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2011-10-31] (AVM Berlin)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [361288 2009-10-13] (TuneUp Software)
S2 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [604488 2009-10-13] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2009-12-06] (Protect Software GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-24] ()
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-19] (Microsoft Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [334712 2011-07-05] (AVM Berlin)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
R3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Jasmin\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKslf1693b20; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{261B3DC1-4C7E-4DF3-BFD3-DEBA44ED114A}\MpKslf1693b20.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-28 20:11 - 2014-04-28 20:11 - 00001230 _____ () C:\Users\Jasmin\Desktop\JRT.txt
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 19:58 - 2014-04-28 19:58 - 01016261 _____ (Thisisu) C:\Users\Jasmin\Downloads\JRT.exe
2014-04-28 19:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-28 19:32 - 2014-04-28 19:48 - 00000000 ____D () C:\AdwCleaner
2014-04-28 19:27 - 2014-04-28 19:27 - 01310283 _____ () C:\Users\Jasmin\Downloads\adwcleaner(1).exe
2014-04-28 19:22 - 2014-04-28 19:22 - 00002858 _____ () C:\Users\Jasmin\Desktop\mbam.txt
2014-04-28 11:18 - 2014-04-28 19:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 11:17 - 2014-04-28 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-28 11:17 - 2014-04-28 11:17 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-28 11:17 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 11:17 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 11:11 - 2014-04-28 11:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Jasmin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-28 10:23 - 2014-04-28 10:24 - 00039805 _____ () C:\Users\Jasmin\Downloads\Addition.txt
2014-04-27 11:02 - 2014-04-29 10:43 - 00017437 _____ () C:\Users\Jasmin\Downloads\FRST.txt
2014-04-27 10:47 - 2014-04-28 10:19 - 00000000 ____D () C:\Users\Jasmin\Downloads\FRST-OlderVersion
2014-04-24 15:05 - 2014-04-24 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-24 15:05 - 2014-04-24 15:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-18 12:02 - 2014-04-18 12:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 20:03 - 2014-04-17 20:03 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-10 00:29 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 00:29 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 00:29 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 00:29 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:29 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 00:29 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 00:29 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 00:29 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 00:29 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 00:29 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 00:29 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 00:29 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 00:29 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 00:29 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 00:29 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 00:29 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 00:12 - 2014-04-29 10:43 - 00000000 ____D () C:\FRST
2014-04-10 00:11 - 2014-04-28 10:19 - 01049600 _____ (Farbar) C:\Users\Jasmin\Downloads\FRST.exe
2014-04-09 22:51 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 11:32 - 2014-04-08 11:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-04-29 10:45 - 2014-04-27 11:02 - 00017437 _____ () C:\Users\Jasmin\Downloads\FRST.txt
2014-04-29 10:43 - 2014-04-10 00:12 - 00000000 ____D () C:\FRST
2014-04-29 10:38 - 2012-04-13 09:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 09:46 - 2014-01-03 11:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 08:54 - 2014-01-03 11:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-29 08:54 - 2006-11-02 14:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-29 08:54 - 2006-11-02 14:45 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 08:54 - 2006-11-02 14:45 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 22:58 - 2007-08-17 13:38 - 01492782 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 22:58 - 2006-11-02 14:58 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-28 20:11 - 2014-04-28 20:11 - 00001230 _____ () C:\Users\Jasmin\Desktop\JRT.txt
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 19:58 - 2014-04-28 19:58 - 01016261 _____ (Thisisu) C:\Users\Jasmin\Downloads\JRT.exe
2014-04-28 19:51 - 2007-08-03 14:50 - 00463194 _____ () C:\Windows\PFRO.log
2014-04-28 19:48 - 2014-04-28 19:32 - 00000000 ____D () C:\AdwCleaner
2014-04-28 19:27 - 2014-04-28 19:27 - 01310283 _____ () C:\Users\Jasmin\Downloads\adwcleaner(1).exe
2014-04-28 19:22 - 2014-04-28 19:22 - 00002858 _____ () C:\Users\Jasmin\Desktop\mbam.txt
2014-04-28 19:19 - 2014-04-28 11:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 15:37 - 2006-11-02 14:35 - 00000000 ____D () C:\Windows\DigitalLocker
2014-04-28 11:17 - 2014-04-28 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-28 11:17 - 2014-04-28 11:17 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-28 11:17 - 2012-11-28 17:00 - 00000000 ____D () C:\Users\Jasmin\AppData\Roaming\Malwarebytes
2014-04-28 11:17 - 2012-11-28 17:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-28 11:11 - 2014-04-28 11:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Jasmin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-28 10:24 - 2014-04-28 10:23 - 00039805 _____ () C:\Users\Jasmin\Downloads\Addition.txt
2014-04-28 10:19 - 2014-04-27 10:47 - 00000000 ____D () C:\Users\Jasmin\Downloads\FRST-OlderVersion
2014-04-28 10:19 - 2014-04-10 00:11 - 01049600 _____ (Farbar) C:\Users\Jasmin\Downloads\FRST.exe
2014-04-27 15:15 - 2012-12-10 14:02 - 00000000 ____D () C:\Users\Jasmin\AppData\Roaming\jtl-software
2014-04-27 11:44 - 2008-03-23 17:39 - 00000000 ____D () C:\Users\Jasmin\AppData\Local\Adobe
2014-04-27 11:41 - 2012-04-13 09:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-27 11:41 - 2011-08-01 09:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-27 11:17 - 2007-08-03 14:49 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-27 10:58 - 2011-02-05 12:17 - 00000012 _____ () C:\Windows\Brownie.ini
2014-04-27 10:58 - 2011-02-05 12:17 - 00000011 _____ () C:\Windows\BRVIDEO.INI
2014-04-27 10:58 - 2008-03-23 17:50 - 00000000 ____D () C:\Program Files\Brother
2014-04-25 21:31 - 2014-01-03 11:27 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-25 11:51 - 2012-02-14 20:00 - 00000000 ____D () C:\Users\Jasmin\Desktop\Bilder artikelanlage Sven Frey
2014-04-24 15:05 - 2014-04-24 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-24 15:05 - 2014-04-24 15:05 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-24 15:05 - 2014-01-03 11:29 - 00001835 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-24 15:05 - 2014-01-03 11:24 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-24 15:05 - 2014-01-03 11:24 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-04-24 15:05 - 2014-01-03 11:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-23 00:31 - 2009-06-20 11:03 - 00000000 ____D () C:\Program Files\FakturaXP
2014-04-18 12:02 - 2014-04-18 12:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 20:03 - 2014-04-17 20:03 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-17 20:03 - 2007-08-03 15:07 - 00000000 ____D () C:\Program Files\Java
2014-04-16 00:32 - 2008-03-23 18:48 - 00000725 _____ () C:\Windows\ODBC.INI
2014-04-15 22:41 - 2013-01-22 12:19 - 00000000 ____D () C:\Users\Jasmin\Documents\SQL Server Management Studio
2014-04-14 16:33 - 2008-03-24 13:32 - 00000512 _____ () C:\Windows\BRWMARK.INI
2014-04-11 16:43 - 2006-11-02 12:33 - 01930098 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-11 11:30 - 2012-11-28 15:04 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-10 09:42 - 2012-04-26 09:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-10 00:30 - 2009-04-04 22:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 00:27 - 2013-08-02 03:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 00:24 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-08 11:34 - 2014-04-08 11:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-03 09:51 - 2014-04-28 11:17 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-28 11:17 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-11-28 17:00 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 11:42 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Jasmin\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Jasmin\AppData\Local\Temp\ICReinstall_Riot-setup-Downloader.exe
C:\Users\Jasmin\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jasmin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jasmin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jasmin\AppData\Local\Temp\Quarantine.exe
C:\Users\Jasmin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 09:01
==================== End Of Log ============================