Trojaner-Board


Manticore7 07.03.2008 22:57

AV + firewall down, internet gone
 
Hello everyone,

after running a file that I thought was clean, my computer shut down all AV programs (Avast, Spybot) and the firewall (Sygate). I also got a bluescreen. I restarted the computer and everything ran normally so far, except that none of the above programs start anymore; starting them manually is not possible either ("keine gültige Win 32 Anwendung", i.e. "not a valid Win32 application"). The internet no longer works either, nor does the connection to the router (although the computer says the connection is up). Booting into safe mode does not work either; a bluescreen appears. I uninstalled Avast and reinstalled it: same error message. I downloaded HijackThis on a second computer and copied it over with a USB stick --> same error message, it cannot be started.
The log file from SmitFraudFix looks like this:
SmitFraudFix v2.300

Scan done at 22:30:02.82, Fri 03/07/2008
Run from C:\Documents and Settings\***\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
DNS Server Search Order: 192.168.0.1

Description: Intel(R) PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{11525CE2-94B3-46E5-8494-383E5D3714FA}: NameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{5F095C36-2875-4F94-9BB4-E839D7675A28}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D337059E-1ED0-4BB2-A818-57604F838D85}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{11525CE2-94B3-46E5-8494-383E5D3714FA}: NameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5F095C36-2875-4F94-9BB4-E839D7675A28}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D337059E-1ED0-4BB2-A818-57604F838D85}: NameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{11525CE2-94B3-46E5-8494-383E5D3714FA}: NameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{5F095C36-2875-4F94-9BB4-E839D7675A28}: NameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D337059E-1ED0-4BB2-A818-57604F838D85}: NameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning not selected.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

I then also copied MWAV onto it and am running it right now....

Does anyone have another idea, maybe scanning the disk from the other computer?

Regards,
Stefan

boston 07.03.2008 23:01

Download BlackLight here:
ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
Then, as admin:
- I accept the agreement
- Next
- Scan
and then please post the log that you find in the BlackLight folder.

Manticore7 07.03.2008 23:24

Here is the log file (part 1):

03/07/08 23:06:22 [Info]: BlackLight Engine 1.0.67 initialized
03/07/08 23:06:22 [Info]: OS: 5.1 build 2600 (Service Pack 2)
03/07/08 23:06:22 [Note]: 7019 4
03/07/08 23:06:22 [Note]: 7005 0
03/07/08 23:06:29 [Note]: 7006 0
03/07/08 23:06:29 [Note]: 7011 688
03/07/08 23:06:31 [Note]: 7026 0
03/07/08 23:06:33 [Note]: 7026 0
03/07/08 23:06:33 [Note]: 7024 3
03/07/08 23:06:33 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
03/07/08 23:06:37 [Note]: FSRAW library version 1.7.1024
03/07/08 23:08:16 [Info]: Hidden file: c:\Program Files\ETHZ\VPN Client\shared\help_tips.html
03/07/08 23:08:16 [Note]: 10002 3
03/07/08 23:08:16 [Info]: Hidden file: c:\Program Files\ETHZ\VPN Client\shared\ref_help.html
03/07/08 23:08:16 [Note]: 10002 3
03/07/08 23:08:16 [Info]: Hidden file: c:\Program Files\ETHZ\VPN Client\shared\style_1.css
03/07/08 23:08:16 [Note]: 10002 3
03/07/08 23:08:16 [Info]: Hidden file: c:\Program Files\ETHZ\VPN Client\shared\WHnonIE4.css
03/07/08 23:08:16 [Note]: 10002 3
03/07/08 23:08:16 [Note]: 10002 2
03/07/08 23:08:16 [Note]: 10002 2
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Empty.txt
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Filters.xml
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\news.png
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\paint.png
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Profiles\Blank.txt
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample1.jpg
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample2.jpg
03/07/08 23:09:04 [Note]: 10002 3
03/07/08 23:09:04 [Note]: 10002 2
03/07/08 23:09:04 [Note]: 10002 2
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\activity_speaker_states.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_bot.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_bot.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_left.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_left.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_right.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_right.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_top.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_top.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\button_chevron_down.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\button_chevron_up.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\capbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\columnheads.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\combo.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\combo_arrow.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\connect_chunkyanim.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\dark_connect_chunkyanim.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\dialbtn_pad.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\donotdisturb.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\games_close.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\grabbie.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\grabbie.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\groupboxedge.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\headerbg.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_disabled.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_hot.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_normal.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\indigo.xml
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\itabs.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menubar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menubar_states.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menuitem.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menusearchbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menu_bg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menu_scroll.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menu_sep.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\mute_states.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_abook_off.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_abook_on.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_add1.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_mlist1_off.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_mlist1_on.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\photoshare_slider.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\photoshare_slider_tray.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\preview_indigo.jpg
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\preview_indigo_intl.jpg
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\progressbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pushbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\radio.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_vbg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_hhandle.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_vhandle.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_buttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_griph.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_gripv.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_hbg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\search_bang.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\silver_bg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slotborder.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slotborder_we.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slot_empty_bg.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\statusbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\statusgrabber.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_cls.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_cls_hover.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_hover.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\sys_menu.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tabs.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tabs_standard.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tab_border.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tbar_sep.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title_down.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title_hover.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title_up.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\toolbarbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_bot.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_bot.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_left.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_left.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_right.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_right.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_top.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_top.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_capbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_vert.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_up.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_h.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\checkbox.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_down.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_h.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_11.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_horz.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_left.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_right.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_v.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\triangletray.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\typedown.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_arrow.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_h_arrow.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_3.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_7.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_4.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_8.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_5.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_9.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_2.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_6.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar_hold.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar_incoming.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_ringer.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_callbtn.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\Voice_Circle.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_ctrls.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_0.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_1.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_10.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_lights.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_bot.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_bot.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_left.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_left.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_right.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_right.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_top.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_top.rgn
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\button_chevron_down.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\button_chevron_up.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\capbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\checkbox.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\columnheads.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\combo.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\combo_arrow.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\dialbtn_pad.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\donotdisturb.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\games_close.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\grabbie.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\grabbie.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\groupboxedge.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\headerbg.png
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_disabled.bmp
03/07/08 23:09:53 [Note]: 10002 3

Manticore7 07.03.2008 23:25

Part 2:

03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_hot.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_normal.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\itabs.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\maverick.xml
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menubar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menubar_states.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menuitem.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menusearchbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menu_bg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menu_scroll.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menu_sep.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_abook_off.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_abook_on.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_add1.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_mlist1_off.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_mlist1_on.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\photoshare_slider.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\photoshare_slider_tray.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\preview_mavblue.jpg
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\preview_mavblue_intl.jpg
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\progressbar.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pushbuttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\radio.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_vbg.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_hhandle.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_vhandle.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_buttons.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_griph.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:15:43 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
03/07/08 23:15:43 [Note]: 10002 2
03/07/08 23:15:43 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
03/07/08 23:15:43 [Note]: 10002 2
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3935539.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3936710.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3938182.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3942198.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3962738.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3967464.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3969477.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3971961.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3974605.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4007382.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4010596.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4011277.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4014823.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4018458.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4059407.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\4063573.exe
03/07/08 23:15:45 [Note]: 10002 3
03/07/08 23:15:45 [Note]: 10002 2
03/07/08 23:15:45 [Note]: 10002 2
03/07/08 23:16:40 [Note]: 2000 1012
03/07/08 23:16:40 [Note]: 2000 1012
03/07/08 23:16:40 [Note]: 2000 1012
03/07/08 23:19:59 [Note]: 7007 0

Does that help?

boston 07.03.2008 23:33

yes, as expected, that leads you to this
http://www.trojaner-board.de/12154-a...sicherung.html
with a Bagle infection that is the only solution.
Technische Kompromittierung (technical compromise) - Wikipedia
Botnet - Wikipedia

Manticore7 07.03.2008 23:42

Thanks for the quick help.

How did you recognize that it is this kind of infection?

What about important files I have on the machine (PDF, Excel, Word, etc.)? Can I still back them up to a USB stick before formatting?

And what about stored passwords? I have an (encrypted) program for storing passwords etc. on the machine. Do I have to assume that these have been compromised?

boston 08.03.2008 00:03

C:\WINDOWS\system32\drivers\hldrrr.exe
c:\WINDOWS\system32\drivers\srosa.sys

etc.
are the typical Bagle entries,
and the symptoms already point to this infection as well.

Your own documents, pictures and music can be backed up (preferably with a
live CD such as Knoppix), but they should be checked from a clean
machine.
Backing up executable files is absolutely not recommended.
Your passwords should be changed from a clean machine as soon as
possible.
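The triage done by eye in the reply above, as an added example that is not part of the thread and not the scanner's own code: it parses "Hidden file" lines in the log format posted here and separates hidden executables under `system32\drivers` from other hidden files. The directory and extension heuristic is an assumption of this sketch; the sample lines are copied from the posted log.

```python
import re
from ntpath import normcase, splitext

# "Hidden file" lines in the format of the scanner log posted in the thread.
HIDDEN = re.compile(
    r"^\d\d/\d\d/\d\d \d\d:\d\d:\d\d \[Info\]: Hidden file: (?P<path>.+)$")

# Assumption of this sketch: a hidden executable or driver below
# system32\drivers is worth a closer look; everything else is context.
DRIVERS_DIR = "c:\\windows\\system32\\drivers\\"
EXECUTABLE_EXT = {".exe", ".sys", ".dll", ".scr", ".com"}

# Four "Hidden file" lines copied from the log in the thread, plus one [Note] line.
SAMPLE = r"""
03/07/08 23:09:53 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tabs.bmp
03/07/08 23:09:53 [Note]: 10002 3
03/07/08 23:15:43 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
03/07/08 23:15:43 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
03/07/08 23:15:45 [Info]: Hidden file: c:\WINDOWS\system32\drivers\down\3935539.exe
"""

def triage(log_text):
    """Return (suspicious, other) lists of normalised hidden-file paths."""
    suspicious, other = [], []
    for line in log_text.splitlines():
        match = HIDDEN.match(line.strip())
        if not match:
            continue  # [Note] lines and blank lines carry no path
        # normcase lowercases and unifies separators, so C:\ and c:\ compare equal
        path = normcase(match.group("path").strip())
        is_executable = splitext(path)[1] in EXECUTABLE_EXT
        if path.startswith(DRIVERS_DIR) and is_executable:
            suspicious.append(path)
        else:
            other.append(path)
    return suspicious, other

if __name__ == "__main__":
    flagged, rest = triage(SAMPLE)
    for path in flagged:
        print("review:", path)
    print(len(rest), "other hidden file(s)")
```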

blow-in 08.03.2008 10:13

Quote:

Quote from Manticore7 (post 326732)
And what about stored passwords? I have an (encrypted) program for storing passwords etc. on the machine. Do I have to assume that these have been compromised?

I would definitely assume that these have been disclosed.

Manticore7 08.03.2008 12:55

All right, thx. But I switched off the wireless connection on that machine fairly quickly, and the network connection wasn't working anyway. Can the encrypted passwords still be gone?

Regards,
Stefan

Manticore7 08.03.2008 18:13

Another question: what about Outlook emails and contacts and Firefox bookmarks? Can I still back those up?

KarlKarl 09.03.2008 05:03

Hi,

You can't switch anything off as fast as it can be transmitted.

You can back up the data beforehand, but I would scan at least the emails very thoroughly afterwards. The bookmarks are not a problem, but the pages stored there could be one themselves; I don't know them, after all ;)

Regards, Karl

BataAlexander 10.03.2008 22:39

These Bagles really are nasty stuff.

Virustotal

Quote:

[ DetectionInfo ]
* Sandbox name: NO_MALWARE
* Signature name: NO_VIRUS
* Compressed: YES
* TLS hooks: NO
* Executable type: Application
* Executable file structure: OK

[ General information ]
* Anti debug/emulation code present.
* **Locates window "NULL [class OLLYDBG]" on desktop.
* **Locates window "NULL [class GBDYLLO]" on desktop.
* **Locates window "NULL [class pediy06]" on desktop.
* **Locates window "NULL [class FilemonClass]" on desktop.
* **Locates window "File Monitor - Sysinternals: www.sysinternals.com [class NULL]" on desktop.
* **Locates window "NULL [class PROCMON_WINDOW_CLASS]" on desktop.
* **Locates window "Process Monitor - Sysinternals: www.sysinternals.com [class NULL]" on desktop.
* **Locates window "NULL [class RegmonClass]" on desktop.
* **Locates window "Registry Monitor - Sysinternals: www.sysinternals.com [class NULL]" on desktop.
* **Locates window "NULL [class 18467-41]" on desktop.

[ Changes to registry ]
* Accesses Registry key "HKLM\SOFTWARE\NuMega\DriverStudio".
* Accesses Registry key "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer".
* Accesses Registry key "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network".
* Accesses Registry key "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32".
* Accesses Registry key "HKCU\software".
* Creates key "HKCU\Software\America Online\Local AppWizard-Generated Applications".
* Creates key "HKCU\Software\America Online\Local AppWizard-Generated Applications\uiytuhjy Ready".
* Creates key "HKCU\Software\America Online\Local AppWizard-Generated Applications\uiytuhjy Ready\Recent File List".
* Creates key "HKCU\Software\America Online\Local AppWizard-Generated Applications\uiytuhjy Ready\Settings".

[ Process/window information ]
* Enumerates running processes.
In my VM it then says: "A monitor programm has been found running in your system. Please, unload it from memory and restart your system."

Manticore7 11.03.2008 14:33

Now I also know why my AV didn't raise an alarm: Avast doesn't seem to detect the thing....

Thanks for the info....

