
Problems - MSN Plus!

Warnings about security vulnerabilities and help with removing viruses, worms and Trojans.


Post by kabi on 23.02.2006, 16:43

Hello,

yesterday I installed MSN Plus on my computer. Since then, however, I have had a lot of problems. For example, a blue bar with links is displayed at the bottom that covers the taskbar. In addition, after starting Internet Explorer, various popups with advertising etc. appear. And various pages show up in the Favourites that cannot be deleted. And there is a bar in IE that I can't get rid of either. Since I don't know much about technology, I hope someone can help me, and in a way that is not too complicated...

Best regards,
kabi

Edit: Here is the HJT result as well:


Logfile of HijackThis v1.99.1
Scan saved at 17:32:34, on 23.02.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
C:\Programme\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Programme\Softwin\BitDefender8\bdoesrv.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe
C:\Programme\Softwin\BitDefender8\bdswitch.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\lexpps.exe
C:\Programme\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Programme\AOL 9.0\aoltray.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\Kevin\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chiisaiyishu.ch.funpic.de/
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: (no name) - {0E58946C-31BA-A305-FCCF-29099D193F1C} - C:\DOKUME~1\Katrin\ANWEND~1\WAITLO~1\Spam Less.exe
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: IEHlprObj Class - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programme\Go!Zilla\GoIEHlp.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programme\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programme\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SAVEANTIFLAGDELETE] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LINK SEEK SAVE ANTI\list jugs.exe
O4 - HKCU\..\Run: [InstantTray] C:\Programme\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://C:\Programme\LeechGet 2002\\Wizard.html
O8 - Extra context menu item: Mit LeechGet herunterladen - file://C:\Programme\LeechGet 2002\\AddUrl.html
O8 - Extra context menu item: Mit LeechGet parsen - file://C:\Programme\LeechGet 2002\\Parser.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hyrican.de
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {DA511858-B44C-439E-A0EA-704ED20035E7} (EphoxEditLive4.EditLive) - http://www.beepworld.de/hp/activexeditor/editlive4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12409CE7-7F0D-4B2D-AE49-990993FC407B}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{12409CE7-7F0D-4B2D-AE49-990993FC407B}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Programme\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
kabi
Posts: 9
Registered: 23.02.2006, 16:34


Post by Nikita on 24.02.2006, 14:40

1.
uninstall the Messenger (it is malware)

2.
set up the Cleaner exactly as described here:
http://virus-protect.org/cleanup.html

3.
open HijackThis -- button "Scan" -- tick the boxes in front of the malware entries -- button "Fix checked" -- restart the PC

R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: (no name) - {0E58946C-31BA-A305-FCCF-29099D193F1C} - C:\DOKUME~1\Katrin\ANWEND~1\WAITLO~1\Spam Less.exe
O4 - HKLM\..\Run: [SAVEANTIFLAGDELETE] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LINK SEEK SAVE ANTI\list jugs.exe

Restart the PC


4.
Start -- All Programs -- Accessories -- Notepad, and paste the following text into it:


dir %Windir%\tasks /a h > files.txt
notepad files.txt



- Save as: findjobs.bat
- Save as type: All Files
- save it on the Desktop
- locate findjobs.bat -- double-click the .bat file, Notepad opens -- post the text

5.
scan with Panda and post the scan report
http://virus-protect.org/onlinescan.html
Nikita
Moderator
Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lissabon
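As an added example (not code from this thread or from HijackThis itself), the following Python helper applies the reasoning behind the three entries the moderator told kabi to tick: an unnamed IE hook with no backing file and BHO/autostart entries that load from a user-profile directory are marked "fix", while missing-file and AppInit_DLLs entries are only marked for review. The sample lines are taken from the log posted above; the function names, severity labels and profile-directory list are assumptions.

```python
"""Triage heuristics for HijackThis 1.99 log lines (defender-side helper, assumed)."""
import re
from dataclasses import dataclass, field

# Constructed sample: entries from the log posted in this thread plus benign ones.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: (no name) - {0E58946C-31BA-A305-FCCF-29099D193F1C} - C:\DOKUME~1\Katrin\ANWEND~1\WAITLO~1\Spam Less.exe
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SAVEANTIFLAGDELETE] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LINK SEEK SAVE ANTI\list jugs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
"""

LINE_RE = re.compile(r"^(?P<code>[RO]\d+) - (?P<rest>.*)$")
RUN_RE = re.compile(r"^HK\w+\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# User-writable profile roots (German XP names as in the log, English and 8.3 forms).
PROFILE_DIRS = ("\\dokumente und einstellungen\\", "\\dokume~1\\",
                "\\documents and settings\\", "\\docume~1\\")


@dataclass
class Entry:
    code: str
    name: str
    path: str
    raw: str
    findings: list = field(default_factory=list)  # (severity, reason) tuples

    @property
    def severity(self) -> str:
        levels = {sev for sev, _ in self.findings}
        return "fix" if "fix" in levels else ("review" if levels else "ok")


def parse_line(line: str):
    """Split one HJT line into code, name and path; None for non-entry lines."""
    line = line.strip()
    m = LINE_RE.match(line)
    if not m:
        return None
    code, rest = m.group("code"), m.group("rest")
    if code == "O4" and (r := RUN_RE.match(rest)):
        return Entry(code, r.group("name"), r.group("cmd"), line)
    parts = [p.strip() for p in rest.split(" - ")]
    clsid_at = next((i for i, p in enumerate(parts) if CLSID_RE.fullmatch(p)), None)
    if clsid_at is not None:
        # "<kind>: <name> - {CLSID} - <path>" shape (R3, O2, O3, O9, O18, ...)
        name = " - ".join(parts[:clsid_at]).split(":", 1)[-1].strip()
        return Entry(code, name, " - ".join(parts[clsid_at + 1:]), line)
    kind, _, value = rest.partition(": ")  # O8, O16, O17, O20, O23, Global Startup
    return Entry(code, kind, value, line)


def triage(e: Entry) -> Entry:
    """'fix' mirrors what the moderator ticked; 'review' needs a human look."""
    low = e.path.lower()
    if e.code in ("R3", "O2", "O3") and e.name == "(no name)" and "(no file)" in low:
        e.findings.append(("fix", "unnamed IE hook with no backing file (orphaned hijacker entry)"))
    if e.code in ("O2", "O3", "O4") and any(d in low for d in PROFILE_DIRS):
        e.findings.append(("fix", "BHO/autostart loads from a user-writable profile directory"))
    if "(file missing)" in low:
        e.findings.append(("review", "target file absent: uninstall remnant or a quoting artefact"))
    if e.code == "O20":
        e.findings.append(("review", "AppInit_DLLs is loaded into every user32 process; confirm the publisher"))
    return e


def triage_log(text: str) -> list:
    return [triage(e) for e in map(parse_line, text.splitlines()) if e is not None]


def fix_list(text: str) -> list:
    """Raw lines a defender would tick under 'Fix checked' after confirming them."""
    return [e.raw for e in triage_log(text) if e.severity == "fix"]


if __name__ == "__main__":
    for e in triage_log(SAMPLE_LOG):
        print(f"{e.severity:6} {e.code:3} {e.name[:28]:28} {e.path}")
        for _, why in e.findings:
            print(f"       -> {why}")
```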

Post by kabi on 24.02.2006, 17:13

1. Should I uninstall the WHOLE MSN Messenger or only MSN Plus!? I have already uninstalled MSN Plus!...

2. Done

3. Done

4.
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: AF86-8150

Verzeichnis von C:\WINDOWS\tasks

22.02.2006 18:01 <DIR> .
22.02.2006 18:01 <DIR> ..
10.02.2006 17:15 396 1-Klick-Wartung.job
24.02.2006 16:00 276 A07C23EE913FD5BE.job
04.08.2004 13:00 65 desktop.ini
24.02.2006 16:10 6 SA.DAT
24.02.2006 16:11 350 Symantec NetDetect.job
5 Datei(en) 1.093 Bytes

Verzeichnis von C:\Dokumente und Einstellungen\Kevin\Desktop

5.
Detected Disinfected
Virus 0 0
Spyware 0 0
Hacking Tools 0 0
Dialers 0 0
Security Risks 0 0
Suspicious files 0 0

In any case, the blue bar at the bottom and the bar in IE have disappeared and no more popups appear. All the undeletable favourites in IE are now gone as well.
kabi
Posts: 9
Registered: 23.02.2006, 16:34

Post by Nikita on 25.02.2006, 02:19

only MSN Plus! is malware.... the creators just chose a name that makes people believe it is a normal messenger....

Start -- All Programs -- Accessories -- Notepad, and paste the following text into it:
%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h A07C23EE913FD5BE.job
del A07C23EE913FD5BE.job


- Save as: remjob.bat
- Save as type: All Files
- save it on the Desktop
- locate remjob.bat -- double-click the .bat file; Notepad opening briefly is normal


CounterSpy
http://virus-protect.org/counterspy.html
* after the scan you have to choose between:
*Ignore
*Remove
*Quarantine
always choose Remove and restart the PC (then copy the scan report)
Nikita
Moderator
Posts: 11478
Registered: 07.12.2003, 16:53
Location: Lissabon

Post by kabi on 25.02.2006, 17:31

Spyware Scan Details
Start Date: 25.02.2006 15:56:54
End Date: 25.02.2006 16:21:36
Total Time: 24 mins 42 secs

Detected spyware

Go!Zilla Adware Bundler more information...
Details: Go!Zilla is an ad supported download manager.
Status: Deleted

Infected files detected
c:\programme\go!zilla\goiehlp.dll
c:\programme\go!zilla\ad.html
c:\programme\go!zilla\download.log
c:\programme\go!zilla\zlib.dll
c:\programme\go!zilla\ezula\ezttstub.exe
c:\programme\go!zilla\plug-ins\schedule.dll
c:\programme\go!zilla\plug-ins\search.dll
c:\programme\go!zilla\weatherbug\download.txt
c:\programme\go!zilla\weatherbug\minibug.exe
c:\programme\go!zilla\weatherbug\wxbugsetup60b6.04.0.9m.exe

Infected registry entries detected


BearShare P2P more information...
Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs.
Status: Deleted

Infected files detected

Infected registry entries detected


eZula.TopText Adware more information...
Details: eZula TopText is a browser hijacker that will alter all pages viewed in Internet Explorer by adding extra links to words and phrases targeted by advertisers. These links are unauthorized by the users of the sites being viewed and not part of the orig
Status: Deleted

Infected files detected
c:\programme\go!zilla\ezula\ezttstub.exe


WhenU.SaveNow Adware more information...
Details: an advertising application that displays pop-up advertising on the desktop in response to users' surfing behavior.
Status: Deleted

Infected files detected
C:\Programme\BearShare\RunMSC.dll
C:\Programme\BearShare\Webstats.exe
C:\Programme\BearShare\Webstats.ini

Infected registry entries detected


Messenger Plus! Adware Bundler more information...
Details: Messenger Plus! is an add-on for MSN Messenger. Messenger Plus! installs an OPTIONAL adware component called C2Media, also known as LOP.com.
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{F8E12D14-C09A-407C-AD18-FC847DB5DF88}\RP177\A0163745.dll
C:\System Volume Information\_restore{F8E12D14-C09A-407C-AD18-FC847DB5DF88}\RP177\A0163746.dll
C:\System Volume Information\_restore{F8E12D14-C09A-407C-AD18-FC847DB5DF88}\RP177\A0163747.dll
C:\System Volume Information\_restore{F8E12D14-C09A-407C-AD18-FC847DB5DF88}\RP177\A0163748.dll


WurldMedia Browser Hijacker more information...
Details: WurldMedia is an Internet Explorer BHO that detects visits to known sites and redirects them through a third-party server in order to take the affiliate fees. WurldMedia even steals the fees from other webmasters when you use their own links.
Status: Deleted

Infected files detected
C:\Programme\Go!Zilla\GoIEHlp.dll

Infected registry entries detected
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000}
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000}\TypeLib {CD4C3CE2-4B15-11D1-ABED-709549C10000}
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\interface\{cd4c3cef-4b15-11d1-abed-709549c10000} IIEHlprObj


Aureate Spyware more information...
Details: Aureate, also known as Radiate, is ad-supported software that sends personal information to its servers over the Internet without user consent.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\software\radiate
HKEY_CURRENT_USER\software\radiate\Go!Zilla\dialog\DefaultDownloader show 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\dialog\DefaultDownloader answer 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ie_url http://virus-protect.org/counterspy.html
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_sounds 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options on_top 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options launch_browser_on_app_startup 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options tray_on_system_start 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options monitor_clipboard 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options capture_all_ftp 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_browser_integration 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_proxy 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options http_proxy
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options http_proxy_username
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options http_proxy_password
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ftp_proxy_mode 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ftp_proxy
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ftp_proxy_username
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ftp_proxy_password
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ftp_proxy_login_mode 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_cookies 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options launch_downloaded_files 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_mirror 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options show_download_info_dialog 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options simultaneous_downloads 3
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options show_download_windows 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_directory C:\Dokumente und Einstellungen\Kevin\Desktop\Go!Zilla Downloads
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options bandwidth 193000
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options connection_type 9
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options initial_parts 2
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options max_connections 8
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options striping 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options show_errors 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options show_splash_screen 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_throttle 100
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_retries 5
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_retry_wait 5
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_network_timeout 90
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options default_network_connection_timeout 90
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_sample_time 1500
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_cut 50
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_threshhold1 30
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_threshhold2 20
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_threshhold3 60
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options smart_throttle_time 1500
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options use_ras 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_connection_name
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_interrupted_wnd Reestablish Connection
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_dial_attempts 99
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_dial_timeout 60
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_retry_wait 30
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_username
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_password
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_hang_up 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options ras_show 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options shutdown_after_download 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options logging 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options do_virus_scan 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options virus_scan_command_line
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options browser_stealth 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options show_files_in_tree 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options remove_after_success 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\options throttle 100
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options state 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech threads 4
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech depth 2
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech stay on site 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech polite mode 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech use filters 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech auto download
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech subdirs only 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\options leech get file size 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\Security Username
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\Security Password
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\skin search.skin:0 -1849967744
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\skin search.skin:1 29494863
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_0 order 2
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_0 size 229
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_1 order 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_1 size 24
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_2 order 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_2 size 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_3 order 3
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_3 size 48
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_4 order 4
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_4 size 59
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_5 order 5
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results\column_5 size 94
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results columns 6
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results sort_column_1 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results sort_dir_1 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results sort_column_2 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn\results sort_dir_2 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn x 401
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn y 609
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn cx 478
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn cy 300
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn primary main
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search\search.skin;search_basic.skn position 4
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window\search search.skin; search_basic.skn
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\Search\window search.skin;search_basic.skn
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\ZipZilla\options unzip_path C:\Dokumente und Einstellungen\Kevin\Desktop
HKEY_CURRENT_USER\software\radiate\Go!Zilla\Plug-Ins\ZipZilla\options unzip_to_folder 1
HKEY_CURRENT_USER\software\radiate\Go!Zilla\skin default.skin:0 -1855868112
HKEY_CURRENT_USER\software\radiate\Go!Zilla\skin default.skin:1 29744996
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn x 401
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn y 414
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn cx 478
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn cy 195
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn primary
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main\default.skin;main.skn position 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\main default.skin; main.skn
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn x 557
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn y 470
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn cx 166
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn cy 83
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn primary
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash\default.skin;splash.skn position 0
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window\splash default.skin; splash.skn
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window default.skin;main.skn
HKEY_CURRENT_USER\software\radiate\Go!Zilla\window default.skin;
HKEY_CURRENT_USER\software\radiate\Go!Zilla C:\Programme\Go!Zilla\gozilla.exe
HKEY_CURRENT_USER\software\radiate\Go!Zilla path C:\Programme\Go!Zilla
HKEY_CURRENT_USER\software\radiate\Go!Zilla fm path C:\Dokumente und Einstellungen\Kevin\Lokale Einstellungen\Anwendungsdaten\Software\Radiate\Go!Zilla\4.0
HKEY_CURRENT_USER\software\radiate\Go!Zilla survey 1
kabi
 
Posts: 9
Joined: 23.02.2006, 16:34

Post by Nikita on 26.02.2006, 15:47

Scan with Panda and post the scan report
http://virus-protect.org/onlinescan.html
Nikita
Moderator
 
Posts: 11478
Joined: 07.12.2003, 16:53
Location: Lissabon

Post by kabi on 26.02.2006, 20:17

                      Detected  Disinfected
Virus                        0            0
Spyware                     15            0
Hacking Tools                0            0
Dialers                      0            0
Security Risks               0            0
Suspicious files             0            0



Incident Status Location

Adware:adware/aureate-radiate Not disinfected Windows Registry
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LINK SEEK SAVE ANTI\list jugs.exe
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS\nlaiozhu.exe
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS\Platform Boob Does.exe
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS\sect trust.exe
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS\user mfcd cool ford.exe
Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@2o7[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@adtech[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@adultfriendfinder[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@casalemedia[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@fastclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@media.fastclick[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@tribalfusion[1].txt
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Kevin\Desktop\backups\backup-20060224-160904-574.dll
kabi
 
Posts: 9
Joined: 23.02.2006, 16:34

Post by Nikita on 26.02.2006, 22:07

1.
Change the default view in Windows Explorer so that hidden folders are shown.
http://virus-protect.org/invisible.html

2.
Delete in Safe Mode (press F8 while the PC is booting):

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LINK SEEK SAVE ANTI
C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS

if you can find it:
C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\WAITLO... (that is not the complete name... you will have to search)

3.
then check with Panda whether it is gone ;)
Nikita
Moderator
 
Posts: 11478
Joined: 07.12.2003, 16:53
Location: Lissabon

Post by kabi on 28.02.2006, 17:20

I'm almost crying... There is still spyware on it...

                                              Detected  Disinfected
Virus                                                0            0
Spyware                                             12            0
Hacking Tools and potentially unwanted tools         0            0
Dialers                                              0            0
Security Risks                                       0            0
Suspicious files                                     0            0
Jokes                                                0            0



Incident Status Location

Adware:adware/aureate-radiate Not disinfected Windows Registry
Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@2o7[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@atdmt[1].txt
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Kevin\Desktop\backups\backup-20060224-160904-574.dll
Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Loser\Cookies\loser@2o7[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Loser\Cookies\loser@adtech[2].txt
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc1\list jugs.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\nlaiozhu.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\Platform Boob Does.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\sect trust.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\user mfcd cool ford.exe
kabi
 
Posts: 9
Joined: 23.02.2006, 16:34

Post by Nikita on 28.02.2006, 19:57

1.
Empty the Recycle Bin

2.
then check whether this is still there... if so, delete it manually:

C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc1\list jugs.exe
C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc1

C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\nlaiozhu.exe
C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\Platform Boob Does.exe
C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\sect trust.exe
C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\user mfcd cool ford.exe
C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2

3.
Check with Panda whether everything is clean ;)
Nikita
Moderator
 
Posts: 11478
Joined: 07.12.2003, 16:53
Location: Lissabon
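The two Panda reports above show the same Lop files first under the user profile and then under C:\RECYCLER\<SID>\Dc1 and Dc2: deleting them in Explorer only moved them into that user's Recycle Bin, which is why the next step is to empty the bin and rescan. The script below is an added example, not code from this thread, from Panda or from virus-protect.org. It parses incident lines in the report's own format (Category:Name, status, location), sorts each hit by where it lives (registry only, tracking cookie, Recycle Bin with the owning SID, System Restore point, HijackThis backup, or a live file) and turns that into the manual steps still needed. The status vocabulary, the class names and the action texts are assumptions of this example; the sample report is constructed from paths quoted in the thread plus one restore-point line taken from the earlier scan.

```python
"""Triage of a Panda-style online-scan report (added example).

Incident lines look like

    <Category>:<Name> <Status> <Location>

Both the name ("Cookie/Atlas DMT") and the location may contain spaces,
so each line is split on the status word, which comes from a small fixed set.
STATUSES, the class names and ACTIONS are assumptions, not Panda's own vocabulary.
"""
import re
from collections import defaultdict

# Assumed status vocabulary; only "Not disinfected" occurs in the thread.
STATUSES = ("Not disinfected", "Disinfected", "Deleted", "Renamed")

INCIDENT_RE = re.compile(
    r"^(?P<category>[^:]+):(?P<name>.+?)\s+"
    r"(?P<status>" + "|".join(re.escape(s) for s in STATUSES) + r")\s+"
    r"(?P<location>.+?)\s*$"
)
# Windows XP keeps each user's deleted files under C:\RECYCLER\<user SID>\
RECYCLER_RE = re.compile(r"^[A-Z]:\\RECYCLER\\(?P<sid>S-1-5-21-[\d-]+)\\", re.IGNORECASE)
# System Restore stores copies of removed files inside restore points
RESTORE_RE = re.compile(r"^[A-Z]:\\System Volume Information\\_restore\{", re.IGNORECASE)
# HijackThis names its backups backup-YYYYMMDD-HHMMSS-NNN.dll
HJT_BACKUP_RE = re.compile(r"\\backups\\backup-\d{8}-\d{6}-\d+\.dll$", re.IGNORECASE)

ACTIONS = {
    "active-file": "delete in Safe Mode with hidden files shown, then rescan",
    "recycle-bin": "only moved to the Recycle Bin; empty the bin or delete under C:\\RECYCLER",
    "restore-point": "copy inside a System Restore point; purge restore points once clean",
    "hijackthis-backup": "backup written by HijackThis; remove the backups folder after the fix",
    "registry-only": "leftover registry keys, no running code; remove with the scanner or regedit",
    "tracking-cookie": "tracking cookie, harmless; clear browser cookies",
}


def parse_incident(line):
    """Return the fields of one incident line, or None for summary/header lines."""
    m = INCIDENT_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(incident):
    """Map an incident to a cleanup class based on where the hit lives."""
    loc = incident["location"]
    if loc == "Windows Registry":
        return "registry-only"
    if incident["name"].lower().startswith("cookie/") or "\\cookies\\" in loc.lower():
        return "tracking-cookie"
    if RECYCLER_RE.match(loc):
        return "recycle-bin"
    if RESTORE_RE.match(loc):
        return "restore-point"
    if HJT_BACKUP_RE.search(loc):
        return "hijackthis-backup"
    return "active-file"


def triage(report_text):
    """Group every incident line of a report by cleanup class."""
    groups = defaultdict(list)
    for line in report_text.splitlines():
        inc = parse_incident(line)
        if inc is None:
            continue
        inc["class"] = classify(inc)
        if inc["class"] == "recycle-bin":
            # The SID in the path says whose Recycle Bin still holds the file.
            inc["owner_sid"] = RECYCLER_RE.match(inc["location"]).group("sid")
        groups[inc["class"]].append(inc)
    return dict(groups)


def action_plan(groups):
    """Classes that still need a manual step, with counts; cookies are left out."""
    return [(cls, len(groups[cls]), ACTIONS[cls])
            for cls in sorted(groups) if cls != "tracking-cookie"]


# Constructed sample: paths quoted in the thread plus one restore-point line.
SAMPLE_REPORT = r"""
Incident Status Location

Adware:adware/aureate-radiate Not disinfected Windows Registry
Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@2o7[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@atdmt[1].txt
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Kevin\Desktop\backups\backup-20060224-160904-574.dll
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Katrin\Anwendungsdaten\BURN FLAG BOWS\sect trust.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc1\list jugs.exe
Adware:Adware/Lop Not disinfected C:\RECYCLER\S-1-5-21-4226089207-3404379583-1926369862-1008\Dc2\Platform Boob Does.exe
Adware:Adware/Lop Not disinfected C:\System Volume Information\_restore{F8E12D14-C09A-407C-AD18-FC847DB5DF88}\RP177\A0163745.dll
"""

if __name__ == "__main__":
    for cls, count, action in action_plan(triage(SAMPLE_REPORT)):
        print(f"{cls:18} {count:2}  {action}")
```

Feed it the raw text of a report and it tells you which hits are real work and which are noise: a cookie hit is not a sign of infection, a RECYCLER hit means the earlier delete never left the machine, and a restore-point hit will come back if System Restore is rolled back before the restore points are cleared.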

Post by kabi on 02.03.2006, 14:14

It's still not clean... Basically there is even more there now *laughs*

                                              Detected  Disinfected
Virus                                                0            0
Spyware                                             11            0
Hacking Tools and potentially unwanted tools         0            0
Dialers                                              0            0
Security Risks                                       0            0
Suspicious files                                     0            0
Jokes                                                0            0


Incident Status Location

Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@2o7[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Dokumente und Einstellungen\Katrin\Cookies\katrin@atdmt[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Dokumente und Einstellungen\Kevin\Cookies\kevin@ad.yieldmanager[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Dokumente und Einstellungen\Kevin\Cookies\kevin@burstnet[2].txt
Spyware:Cookie/Overture Not disinfected C:\Dokumente und Einstellungen\Kevin\Cookies\kevin@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Dokumente und Einstellungen\Kevin\Cookies\kevin@questionmarket[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Dokumente und Einstellungen\Kevin\Cookies\kevin@zedo[1].txt
Adware:Adware/Lop Not disinfected C:\Dokumente und Einstellungen\Kevin\Desktop\backups\backup-20060224-160904-574.dll
Spyware:Cookie/2o7.net Not disinfected C:\Dokumente und Einstellungen\Loser\Cookies\loser@2o7[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Dokumente und Einstellungen\Loser\Cookies\loser@adtech[2].txt
kabi
 
Posts: 9
Joined: 23.02.2006, 16:34

Post by Nikita on 02.03.2006, 15:11

Fine ;)

The cookies don't matter.
Everything is clean again ;)
Nikita
Moderator
 
Posts: 11478
Joined: 07.12.2003, 16:53
Location: Lissabon


