Windows 7 x64:Spamversand über email account.

WinstonWolf · 06.04.2014, 09:15

Hi,

Mein email Anbieter hat mir mitgeteilt, das über mein Konto massenhaft Spam verschickt wurde.Also muss wohl irgendjemand mein Passwort ausgespäht haben.

Mir ist beim täglichen Arbeiten nichts ungewöhnliches aufgefallen.
Standardmäßige scans mit Hitman, Malwarebytes und MSE blieben immer ohne Fund.

Hier die Logs:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:29 on 06/04/2014 (Homeoffice)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Homeoffice at 2014-04-06 09:30:35
Running from C:\Users\Homeoffice\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{60BBC176-C393-6033-837E-B6BF4CDCBFB9}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Challenger (HKLM-x32\...\Challenger) (Version: 2.4.8 - HB.Fomm)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 5.10 - Philipp Winterberg)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

05-04-2014 17:21:20 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {524DF096-E645-412D-BA48-7ABFE200E499} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
Task: {6800152B-1C4B-4B79-9217-7A4E41DCC89B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
Task: {73EDA56E-AB53-4110-A363-ACB3E2F0278F} - System32\Tasks\Sapphire TRIXX => C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe [2013-12-19] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-21 11:14 - 2013-11-21 11:14 - 00089232 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE64.DLL
2013-12-19 18:19 - 2013-12-19 18:19 - 05623104 _____ () C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
2014-03-27 18:20 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-03-27 18:20 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2014-04-03 13:33 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Homeoffice\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-11-21 11:14 - 2013-11-21 11:14 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 10:22 - 2013-11-12 10:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-11-21 11:14 - 2013-11-21 11:14 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-21 11:14 - 2013-11-21 11:14 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-21 11:14 - 2013-11-21 11:14 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2013-11-21 11:14 - 2013-11-21 11:14 - 00080528 _____ () C:\Program Files (x86)\EMET 4.1\EMET_CE.DLL
2014-03-27 18:20 - 2012-06-06 10:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-24 12:35 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Homeoffice^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2014 08:53:43 PM) (Source: EMET) (User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0x13B0 (5040)
  TID 		: 0x13E8 (5096)
  Module 	: npctrl.dll
  Address 	: 0x6BDA1A07

Error: (04/05/2014 06:24:35 PM) (Source: EMET) (User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0xEA0 (3744)
  TID 		: 0x12D0 (4816)
  Module 	: npctrl.dll
  Address 	: 0x6C001A07

Error: (04/02/2014 05:36:20 PM) (Source: EMET) (User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0xEF0 (3824)
  TID 		: 0xD98 (3480)
  Module 	: npctrl.dll
  Address 	: 0x73ED1A07

Error: (03/29/2014 02:35:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xef8
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (03/24/2014 02:49:53 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (03/24/2014 02:30:13 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=2e7d060d-4714-40f2-9896-1e4f15b612ad

Error: (03/24/2014 02:30:13 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (03/24/2014 01:23:12 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=2e7d060d-4714-40f2-9896-1e4f15b612ad

Error: (03/24/2014 01:23:12 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (03/24/2014 01:09:23 PM) (Source: MsiInstaller) (User: Homeoffice-PC)
Description: Produkt: Microsoft-Maus- und Tastatur-Center -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.


System errors:
=============
Error: (04/06/2014 07:57:23 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎06.‎04.‎2014 um 07:56:24 unerwartet heruntergefahren.

Error: (04/04/2014 02:49:42 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (04/01/2014 10:16:54 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/31/2014 06:39:58 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/31/2014 04:35:53 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎30.‎03.‎2014 um 21:18:08 unerwartet heruntergefahren.

Error: (03/30/2014 08:54:19 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/30/2014 08:07:46 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎29.‎03.‎2014 um 22:04:00 unerwartet heruntergefahren.

Error: (03/29/2014 02:30:18 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎29.‎03.‎2014 um 13:27:49 unerwartet heruntergefahren.

Error: (03/29/2014 01:19:57 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎29.‎03.‎2014 um 07:16:27 unerwartet heruntergefahren.

Error: (03/27/2014 09:56:16 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.


Microsoft Office Sessions:
=========================
Error: (04/05/2014 08:53:43 PM) (Source: EMET)(User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0x13B0 (5040)
  TID 		: 0x13E8 (5096)
  Module 	: npctrl.dll
  Address 	: 0x6BDA1A07

Error: (04/05/2014 06:24:35 PM) (Source: EMET)(User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0xEA0 (3744)
  TID 		: 0x12D0 (4816)
  Module 	: npctrl.dll
  Address 	: 0x6C001A07

Error: (04/02/2014 05:36:20 PM) (Source: EMET)(User: )
Description: EMET detected DEP mitigation and will close the application: chrome.exe

DEP check failed:
  Application 	: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  User Name 	: Homeoffice-PC\Homeoffice
  Session ID 	: 1
  PID 		: 0xEF0 (3824)
  TID 		: 0xD98 (3480)
  Module 	: npctrl.dll
  Address 	: 0x73ED1A07

Error: (03/29/2014 02:35:01 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdef801cf4b4b4b80e7afC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll8b5f3782-b73e-11e3-88d8-bc5ff474f0ab

Error: (03/24/2014 02:49:53 PM) (Source: ATIeRecord)(User: )
Description: 

Error: (03/24/2014 02:30:13 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C0082e7d060d-4714-40f2-9896-1e4f15b612ad

Error: (03/24/2014 02:30:13 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 13:30:12:327 - http://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 13:30:12:327)
00030001(0x00000000, 13:30:12:327 - http://go.microsoft.com)
00030002(0x00000000, 13:30:12:327 - 1)
00020005(0x00000000, 13:30:12:327 - 0)
0002000C(0x00000000, 13:30:12:561 - 302)
0002000E(0x00000000, 13:30:12:561 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 13:30:12:561)
00030001(0x00000000, 13:30:12:561 - https://activation.sls.microsoft.com)
00030002(0x00000000, 13:30:12:561 - 1)
00020005(0x00000000, 13:30:12:561 - 0)
0002000C(0x00000000, 13:30:13:544 - 500)
00010002(0x8004FC01, 13:30:13:544 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded.  ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 13:30:13:544)

Error: (03/24/2014 01:23:12 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C0082e7d060d-4714-40f2-9896-1e4f15b612ad

Error: (03/24/2014 01:23:12 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 12:23:11:478 - http://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 12:23:11:478)
00030001(0x00000000, 12:23:11:478 - http://go.microsoft.com)
00030002(0x00000000, 12:23:11:478 - 1)
00020005(0x00000000, 12:23:11:478 - 0)
0002000C(0x00000000, 12:23:11:681 - 302)
0002000E(0x00000000, 12:23:11:681 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 12:23:11:681)
00030001(0x00000000, 12:23:11:681 - https://activation.sls.microsoft.com)
00030002(0x00000000, 12:23:11:681 - 1)
00020005(0x00000000, 12:23:11:681 - 0)
0002000C(0x00000000, 12:23:12:508 - 500)
00010002(0x8004FC01, 12:23:12:508 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded.  ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 12:23:12:508)

Error: (03/24/2014 01:09:23 PM) (Source: MsiInstaller)(User: Homeoffice-PC)
Description: Produkt: Microsoft-Maus- und Tastatur-Center -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 8165.7 MB
Available physical RAM: 6505.98 MB
Total Pagefile: 8563.88 MB
Available Pagefile: 6737.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.44 GB) (Free:31.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 60 GB) (Disk ID: B2885289)

Partition: GPT Partition Type.

==================== End Of Log ============================

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.04.2014
Suchlauf-Zeit: 13:06:44
Logdatei: mbam1.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.03.02
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Homeoffice

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 233543
Verstrichene Zeit: 4 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

HitmanPro 3.7.9.216
www.hitmanpro.com

   Computer name . . . . : HOMEOFFICE-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Homeoffice-PC\Homeoffice
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-03-31 17:47:16
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 32s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 1.009.453
   Files scanned . . . . : 15.114
   Remnants scanned  . . : 254.721 files / 739.618 keys

Cookies _____________________________________________________________________

   C:\Users\Homeoffice\AppData\Roaming\Microsoft\Windows\Cookies\QYZ91N80.txt

Bei GMER gab es folgende Fehlermeldungen:

Gmer und frst log im Anhang da zu groß.

Windows 7 x64:Spamversand über email account.

Log-Analyse und Auswertung: Windows 7 x64:Spamversand über email account.

Windows 7 x64:Spamversand über email account.

Ähnliche Themen: Windows 7 x64:Spamversand über email account.