
Pests of all kinds and how to fight them: Computer possibly infected, Lavasoft Yahoo, Firefox redirect


 
12.12.2014, 21:05   #1
tempes2k
 



Hello Trojaner Board,

Attached are the relevant logs.
Unfortunately I am not sure whether my computer might (still) be infected.
What I noticed is that when I search for something in Firefox, I end up on a Lavasoft / Yahoo search. Sometimes pages were not loaded, or were loaded without CSS...
I hope I have not done too much already. Unfortunately I did not know this forum before.

What I have done:

a) ran mbam over it
b) ran adware se over it.

I am already looking forward to your answers, many thanks.


frst.log:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-12-12 20:48:02
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000042 Samsung_SSD_840_PRO_Series rev.DXM06B0Q 476,94GB
Running: Gmer-19357.exe; Driver: C:\Users\USER~1.DOM\AppData\Local\Temp\kxlorpoc.sys


---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [580:4496]                                                                                                                                                                                                                                      fffff960009832d0
Thread   C:\Windows\system32\svchost.exe [364:6868]                                                                                                                                                                                                                                    00007ff84e247240
Thread   C:\Windows\system32\svchost.exe [364:4996]                                                                                                                                                                                                                                    00007ff853f51050
---- Processes - GMER 2.1 ----

Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\python27.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (Python Core/Python Software Foundation)(2014-12-12 19:23:11)                                                           000000001e000000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32api.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                    000000001e8c0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\pywintypes27.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                000000001e7a0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\pythoncom27.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                 0000000002040000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_socket.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                     0000000000220000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_ssl.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                        0000000002610000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32com.shell.shell.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                        000000001e800000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_hashlib.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                    0000000002b40000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._core_.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                   0000000002c00000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxbase294u_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                              0000000002d30000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxbase294u_net_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                          00000000003d0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxmsw294u_core_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                          0000000002f20000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxmsw294u_adv_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                           00000000033c0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._gdi_.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                    0000000003500000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._windows_.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                0000000003dd0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxmsw294u_html_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                          0000000003ea0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._controls_.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                               0000000004160000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._misc_.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                   0000000004270000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_elementtree.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                000000001d100000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\pyexpat.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                     0000000003f40000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\pysqlite2._sqlite.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                           0000000004330000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_ctypes.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                     000000001d1a0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32file.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                   000000001ea10000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32security.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                               000000001ec80000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\hashobjs_ext.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                0000000010000000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32gui.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                    000000001ea40000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32event.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                  000000001e9b0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32inet.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                   000000001eaa0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32crypt.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                  000000001e980000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._html2.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                   0000000003f90000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wxmsw294u_webview_vc90.dll (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564] (wxWidgets for MSW/wxWidgets development team)(2014-12-12 19:23:11)                                       0000000005390000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\_multiprocessing.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                            0000000003fc0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32process.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                000000001ebf0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\unicodedata.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                 00000000053b0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._wizard.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                  0000000005460000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32pipe.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                   000000001eb90000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32pdh.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                    000000001eb60000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\select.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                      00000000054c0000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32profile.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:11)                                                                                                000000001ec20000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\win32ts.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                     000000001ed40000
Library  C:\Users\USER~1.DOM\AppData\Local\Temp\_MEI55562\wx._animate.pyd (*** suspicious ***) @ C:\Program Files (x86)\Google\Drive\googledrivesync.exe [5564](2014-12-12 19:23:10)                                                                                                 00000000054d0000
Library  C:\Users\USERvaglieri.DOMAENE\AppData\Local\KeePass\PluginCache\idPSpFtAxudyAEo3U1VG\KeePassRPC.dll (*** suspicious ***) @ C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [6676] (KeePassRPC/Chris Tomlinson)(2014-11-05 19:26:53)                             0000000004940000
Library  C:\Users\USERvaglieri.DOMAENE\AppData\Local\KeePass\PluginCache\idPSpFtAxudyAEo3U1VG\Jayrock.dll (*** suspicious ***) @ C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [6676] (Jayrock/hxxp://jayrock.googlecode.com)(2014-11-05 19:26:51)                     0000000003800000
Library  C:\Users\USERvaglieri.DOMAENE\AppData\Local\KeePass\PluginCache\idPSpFtAxudyAEo3U1VG\Fleck2.dll (*** suspicious ***) @ C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [6676](2014-11-05 19:26:51)                                                              00000000043d0000
Library  C:\Users\USERvaglieri.DOMAENE\AppData\Local\KeePass\PluginCache\idPSpFtAxudyAEo3U1VG\KeePassRPC.Mono.Security.dll (*** suspicious ***) @ C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [6676] (Mono.Security.dll/MONO development team)(2014-11-05 19:26:51)  00000000075d0000
Library  C:\Users\USERvaglieri.DOMAENE\AppData\Local\KeePass\PluginCache\idPSpFtAxudyAEo3U1VG\Jayrock.Json.dll (*** suspicious ***) @ C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [6676] (Jayrock.Json/hxxp://jayrock.googlecode.com)(2014-11-05 19:26:51)           0000000008060000

---- EOF - GMER 2.1 ----
         
Code:
Description: The program TeamViewer.exe version 8.0.30992.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1750

Start Time: 01d0125b88a936f9

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

Report Id: 3a37d1db-7e55-11e4-82b1-dc85de1f8d86

Faulting package full name: 

Faulting package-relative application ID:

Error: (12/07/2014 09:52:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GastroBlitz.exe, version: 1.5.9.62, time stamp: 0x5484bbf7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0xaf0
Faulting application start time: 0xGastroBlitz.exe0
Faulting application path: GastroBlitz.exe1
Faulting module path: GastroBlitz.exe2
Report Id: GastroBlitz.exe3
Faulting package full name: GastroBlitz.exe4
Faulting package-relative application ID: GastroBlitz.exe5

Error: (12/07/2014 09:52:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GastroBlitz.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.DirectoryNotFoundException
Stack:
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.DirectoryInfo.Delete(Boolean)
   at GastroBlitz.Program.Main()

Error: (12/07/2014 09:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GastroBlitz.exe, version: 1.5.9.62, time stamp: 0x5484bbf7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0xb88
Faulting application start time: 0xGastroBlitz.exe0
Faulting application path: GastroBlitz.exe1
Faulting module path: GastroBlitz.exe2
Report Id: GastroBlitz.exe3
Faulting package full name: GastroBlitz.exe4
Faulting package-relative application ID: GastroBlitz.exe5

Error: (12/07/2014 09:52:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GastroBlitz.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.DirectoryNotFoundException
Stack:
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.DirectoryInfo.Delete(Boolean)
   at GastroBlitz.Program.Main()

Error: (12/07/2014 09:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GastroBlitz.exe, version: 1.5.9.62, time stamp: 0x5484bbf7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0x1998
Faulting application start time: 0xGastroBlitz.exe0
Faulting application path: GastroBlitz.exe1
Faulting module path: GastroBlitz.exe2
Report Id: GastroBlitz.exe3
Faulting package full name: GastroBlitz.exe4
Faulting package-relative application ID: GastroBlitz.exe5


System errors:
=============
Error: (12/12/2014 08:22:45 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: 
a) Name Resolution failure on the current domain controller. 
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (12/12/2014 08:22:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error: 
%%20

Error: (12/12/2014 08:22:43 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "1E85DE1ECA36" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the 
Globally Unique Interface Identifier (GUID) if NetBT was unable to 
map from GUID to MAC address. If neither the MAC address nor the GUID were 
available, the string represents a cluster device name.

Error: (12/12/2014 08:22:43 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "1E85DE1ECA36" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the 
Globally Unique Interface Identifier (GUID) if NetBT was unable to 
map from GUID to MAC address. If neither the MAC address nor the GUID were 
available, the string represents a cluster device name.

Error: (12/12/2014 07:29:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error: 
%%20

Error: (12/12/2014 07:28:23 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/12/2014 07:28:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error: 
%%20

Error: (12/12/2014 07:08:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EPSON PCS Parallel Port Driver service failed to start due to the following error: 
%%20

Error: (12/12/2014 07:04:58 PM) (Source: DCOM) (EventID: 10010) (User: DOMAENE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/12/2014 07:04:58 PM) (Source: DCOM) (EventID: 10010) (User: DOMAENE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (12/12/2014 00:21:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (12/12/2014 00:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d664800000030000142526bc01d014d91603c967C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll09ad7eef-81f1-11e4-82b3-dc85de1f8d86

Error: (12/11/2014 00:02:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.174155450559ec000014200000000000ec5a0283401d014cd5efbe925C:\Windows\System32\rundll32.exeUSER32.dll9caca3a6-80c0-11e4-82b3-dc85de1f8d86

Error: (12/09/2014 10:02:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe9.0.5.551f1e399unknown0.0.0.000000000c0000005af3bed947bc01d013f36df64391C:\Program Files (x86)\DVDFab 9\DVDFab.exeunknownabecb94b-7fe6-11e4-82b2-dc85de1f8d86

Error: (12/07/2014 10:08:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: TeamViewer.exe8.0.30992.0175001d0125b88a936f94294967295C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe3a37d1db-7e55-11e4-82b1-dc85de1f8d86

Error: (12/07/2014 09:52:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GastroBlitz.exe1.5.9.625484bbf7KERNELBASE.dll6.3.9600.1741554504adee043435200014598af001d0125fad924723C:\Users\USER.DOMAENE\Desktop\Debug\GastroBlitz.exeC:\Windows\SYSTEM32\KERNELBASE.dlleb510adc-7e52-11e4-82b1-dc85de1f8d86

Error: (12/07/2014 09:52:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GastroBlitz.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.DirectoryNotFoundException
Stack:
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.DirectoryInfo.Delete(Boolean)
   at GastroBlitz.Program.Main()

Error: (12/07/2014 09:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GastroBlitz.exe1.5.9.625484bbf7KERNELBASE.dll6.3.9600.1741554504adee043435200014598b8801d0125fa90e546eC:\Users\USER.DOMAENE\Desktop\Debug\GastroBlitz.exeC:\Windows\SYSTEM32\KERNELBASE.dlle6cd181a-7e52-11e4-82b1-dc85de1f8d86

Error: (12/07/2014 09:52:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GastroBlitz.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.DirectoryNotFoundException
Stack:
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
   at System.IO.DirectoryInfo.Delete(Boolean)
   at GastroBlitz.Program.Main()

Error: (12/07/2014 09:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GastroBlitz.exe1.5.9.625484bbf7KERNELBASE.dll6.3.9600.1741554504adee043435200014598199801d0125f0994d1a5C:\Users\USER.DOMAENE\Desktop\Debug\GastroBlitz.exeC:\Windows\SYSTEM32\KERNELBASE.dll47682fa8-7e52-11e4-82b1-dc85de1f8d86


CodeIntegrity Errors:
===================================
  Date: 2014-11-30 17:32:19.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:32:18.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:29:35.707
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:29:35.363
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:28:59.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:28:59.361
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:28:58.861
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:28:58.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:26:39.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-30 17:26:38.948
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8013.58 MB
Available physical RAM: 5043.85 MB
Total Pagefile: 16205.58 MB
Available Pagefile: 12169.84 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.84 GB) (Free:7.66 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:359.75 GB) (Free:164.67 GB) NTFS
Drive j: () (Network) (Total:182 GB) (Free:55 GB) 
Drive k: () (Network) (Total:182 GB) (Free:55 GB) 
Drive p: () (Network) (Total:182 GB) (Free:55 GB) 
Drive w: () (Network) (Total:182 GB) (Free:55 GB) 
Drive x: () (Network) (Total:182 GB) (Free:55 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: FABF76F1)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=359.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

 
