Fortsetzung Punkt 4 und 5
Punkt 4 - Kaspersky Bericht Code:
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, August 26, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, August 25, 2010 12:26:43
Records in database: 4144122
Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes
Scan area My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan statistics
Objects scanned 63941
Threats found 2
Infected objects found 2
Suspicious objects found 0
Scan duration 04:03:19
File name Threat Threats count
E:\Dokumente und Einstellungen\Milan\Anwendungsdaten\51833F755F0910147EBDC600F2A78BBF\setupmodule710.exe Infected: Trojan-Dropper.Win32.FrauDrop.bbj 1
G:\Programme\eMule\Temp\002.part Infected: not-a-virus:AdWare.Win32.AdvertMen.a 1
Selected area has been scanned.
Beide Objekte gelöscht aber noch nicht aus dem Papierkorb, falls Du es brauchst. Laufwerk "G" war mein früherer Betriebssystem Laufwerk, den habe ich verloren auch wegen einem Trojaner. Nach der Säuberung, die ich manuell versuchte (es war dumm), startet nicht.
Punkt 5 - Hijackthis- Logfile Code:
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:20:57, on 26.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Programme\FRITZ!DSL\IGDCTRL.EXE
E:\Programme\Java\jre6\bin\jqs.exe
E:\WINDOWS\System32\svchost.exe
E:\Programme\IncrediMail\Bin\IncMail.exe
E:\Programme\IncrediMail\bin\IMApp.exe
E:\Programme\trend micro\hijackthis.exe
E:\Programme\Mozilla Firefox\firefox.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVMFBoxMonitor] "E:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe"
O4 - HKLM\..\Run: [Babylon Client] G:\Programme\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279223736515
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - E:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - E:\Programme\Java\jre6\bin\jqs.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 3389 bytes
--- --- ---
Zum Vergleich auch die Hijackthis Logfile, die ich zuerst gemacht habe. Die gehörte eigentlich zum Punkt 1. Diese Log habe ich erst jetzt gefunden.
Code:
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:19, on 24.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Programme\FRITZ!DSL\IGDCTRL.EXE
E:\Programme\Java\jre6\bin\jqs.exe
E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
E:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe
G:\Programme\Babylon\Babylon-Pro\Babylon.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Programme\Mozilla Firefox\firefox.exe
E:\WINDOWS\System32\svchost.exe
E:\Programme\IncrediMail\Bin\IncMail.exe
E:\Programme\IncrediMail\bin\IMApp.exe
E:\Dokumente und Einstellungen\Milan\Eigene Dateien\Downloads\RSIT.exe
E:\Programme\trend micro\Milan.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVMFBoxMonitor] "E:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe"
O4 - HKLM\..\Run: [Babylon Client] G:\Programme\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279223736515
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - E:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - E:\Programme\Java\jre6\bin\jqs.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 3667 bytes
--- --- ---
Hier der Text von dem abgesetzten Trojaner "setupmodule710" "local.ini", inzwischen gelöscht aber im Papierkorb noch vorhanden, zusammen mit "enemies-names.txt"
[Main]
formCaption=Application
MainTB=0=Security status,1=System scan,2=Check for updates,3=Settings,
lStatusHeader=Security status
lStatusL2=Runtime system protection status monitoring. Be sure all the tools marked ON.
lStatusSummary=Security summary:
lStatusL3=Running insecure state, several vulnerabilities are detected
lStatusL4=Last virus scan:
Label7=Last update:
lStatusL5=Last scan results:
lStatusLastUpdate=never
btStatusFirewall=Disable
btStatusAntivirus=Disable
btStatusSpyware=Disable
btStatusAutoUpdate=Enable
btStatusScheduleScan=Enable
btStatusRAM=Enable
labelSSCaption=System scan
labelSS_2=Scan && fix Your computer
labelSS_ScanType=Scan type:
gbScanStat= Last scan summary
gbActiveScan= Scan process
rbQuick=Quick
rbDeep=Deep
rbSelectFolder=Select Folder
rbMemoryScan=Memory Scan
btStart=Start
btStop=Stop
lvFoundItems=0=Threat Name,1=Type,2=Description,3=Threat Level,
btRemoveThreads=Remove Threats
stScanStats1=Objects scanned:
stScanStats3=Threats detected:
stScanStats5=Removed/healed:
stScanStats_eliminate=0
stActiveScan1=Currently scanning:
stActiveScan3=Current object:
stActiveScan2=File System
bSelDir=..
lUpdateInfo0=Please, get {APPNAME} updates from the Internet automatically. To ensure the maximum antivirus protection it is important to keep virus database on your PC up-to-date.
lUpdateHeader=Software update
GroupBox1= Settings
cbUpdate1=Update upon next system start
cbUpdate2=Update immediately
cbUpdate3=Require confirmation
GroupBox2= Database information
stUpdate1=Database version:
stUpdate2=Virus signatures:
cbUpdate4=Restart immediately
cbUpdate5=Complete at next system start
bUpdateSave=Save settings
bUpdateCheck=Check for updates
lSettingsHeader=Settings
lSettingsInfo0=You can customize Your preferences here.
LSettingsInfo1=Changes on this settings will take effect after system restart
GroupBox5= Threats Warning
cbSettings1=Enable
GroupBox6= Additional
cbSettings2=Start with Windows startup
cbSettings3=Disable scheduled scans while running on battery power
bSettingsSave=Save settings
GroupBox3= Compatibility
cbSettings4=Compatibility with self-defense applications
Button1=start
Button2=stop
Button3=blcat
ShowGui=Show {APPNAME} main window
Activatenow1=Activate now
Update1=Update
Options1=Settings
Help1=Help
Contactcustomsupport1=Contact Customer Support
N2=Close
[BrowserDlg]
formCaption={APPNAME} Activation
WebBrowser=TWebBrowser
[CancelScan]
formCaption={APPNAME} - System scan not completed
lInfo=You have not completed Your system analysis.%NEWLINE%{APPNAME} has detected threats in Your system during the scan.%NEWLINE%You need to complete System scan and eliminate threats it finds.
bContinue=Continue scan
bRemindLater=Remind Later
[RegistrationWindow]
formCaption={APPNAME} activation
lHeader=Activate {APPNAME}
lHeader2=Make Your PC free from all kinds of threats
lInfo1=Award-winning scan technology
lInfo2=Free updates without limitations
lInfo3=User-friendly complete GUI
lInfo4=24 h / 7 d full support
lInfo5=Full moneyback guarantee
lInfo0=Please, click “Activate now” button to proceed with secure purchase of the license for {APPNAME}. As soon as you end activation you’ll receive:
lHeader3=Activation is highly recommended:
lHeader4=Registration key:
lHeader6=Visit our website if any problems occur
bConfirmActivation=Confirm Activation
bActivateLater=Activate Later
bActivateNow=Activate Now
[AfterScan]
formCaption={APPNAME}
lHeader=Warning!
lHeader2=Infections on your PC can cause:
lInfo1=Applications won’t start
lInfo2=Unwanted advertising displaying
lInfo3=Loss of Internet communication
lInfo4=Lost documents and settings
lInfo5=Some files can disappear from PC
lInfo6=You need registered version of {APPNAME} to remove these infections.%NEWLINE%Click “Remove threats” to activate protection and eliminate these security hazards.
lContinueUnprotected=Continue unprotected
lvFoundItems=0=Threat Name,1=Type,2=Level,3=Description,
bRegisterNow=Remove Threats
[RESOURCESTR]
0=Firewall protection
1=Antivirus protection
2=Spyware protection
3=Scheduled scans
4=Automatic updates
5=RAM protection
6={cnt} infected objects found, {cnt_removed} removed
7=Your system is infected! {cnt} dangerous objects have been found during last system scan. It is strongly recommended to remove them immediately.
8=Don’t leave! You may have potentially harmful threats%NEWLINE%on Your computer. Please, register Your copy of product%NEWLINE%and get up-to-date protection against latest spyware.
9=This functional is disabled in the unregistered version.%NEWLINE%To use all the features of the product, You must register now.
10=Are you sure? Without activation Your PC will not be protected against intruders.
11=Are you sure? Your PC will not be protected against intruders
12=Congratulation!%NEWLINE%{APPNAME} completed elimination for dangerous objects from Your computer.
13={APPNAME} Update
14=Virus database is up-to-date
15=Memory / Processes
16=Registration key is invalid
17=File system
18=Now Your system under full protection
19=Show Your order details
20=Your computer might be at risk
21=- {APPNAME} is turned off%NEWLINE%Click this baloon to fix this problem.
22={THREAT} threat has been detected. This threat module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click button below to locate and remove this threat now.
23=Start
24=Pause
25=Warning! Removed attack detected!
26={APPNAME} has detected that somebody is trying to stole Your private data remotely via Trojan.Win32.Generic!BT.%NEWLINE%Transfer for Your private data via internet will start in: {SECOND}%NEWLINE%We strongly recommend You to block attack immediately.
27=System Security Pack 2010.78.932 ({APPNAME} Upgrade; KB{KB})
[SecCenter]
formCaption={APPNAME} Protection Center
lRes1=Get latest security information
lRes2=Check for latest updates
lRes3=Get support for security-related issue
lRes4=Get help about security center
lRes5=Change they way Security Center alerts me
Label1=What's new in System to help protect my computer?
Label2=Click "Activate Now" button for suggested actions You can take.
Label3=Internet Options
Label4=Windows Firewall
Label5=Automatic Updates
Label6=Protection Center helps You manage your PC security settings. To help protect Your computer, make sure the all security essentials are marked ON. If the settings are not ON, follow the recommendations.
lVirusProtectionInfo={APPNAME} reports that it is not activated.%NEWLINE%Antivirus software helps protect your computer against viruses and other security thearts.
lVirusProtectionInfo2=We strongly recommend to activate {APPNAME} and get full protection.
Button1=Activate Now
OpenProtectionCenter1=Open Protection Center
ActivateProtection1=Activate Protection
[StartUp_v2]
formCaption={APPNAME}
lHeader=Warning!
lInfo={APPNAME} has detected {cnt} infected objects on your computer during the last system scan.%NEWLINE%The threats found on your computer are very likely to create further problems if not fixed immediately, such as:
lInfo1=System slowdown, crashes and freeze
lInfo2=Hackers can steal your Credit Card details
lInfo3=Your local and online passwords can be stolen
lInfo4=Slow web pages loading and attacks from outside
lInfo5=Privacy violations during Web surfing
lInfo6=You need registered version of {APPNAME} to remove these infections.%NEWLINE%Click “Remove Now” to activate protection and eliminate these security hazards.
lContinueUnprotected=continue unprotected
lInfo7=Infecting other computers on your network
bRegisterNow=Remove Now
[InstallNow]
formCaption=Automatic Updates
Label1=System Security Pack Upgrade
Label2=Update
Label3=Details
Button1=Remind Later
Button2=Install
lvUpdItems=0=,
reUpdDetails=TRichEdit
[ThankYouPage]
formCaption={APPNAME}
lHeader={APPNAME} has been successfully activated!
bContinue=OK
mInfo=Thanks for purchasing and registration {APPNAME}.%NEWLINE%%NEWLINE%All the neccessary information will be send to Your email. %NEWLINE%Please, SAVE them into secure location in case you need to reinstall the software.%NEWLINE%Feel free to contact Customer Support Service if You have any questions.%NEWLINE%%NEWLINE%Useful advices from {APPNAME} Team:%NEWLINE%%NEWLINE%- Scan your computer once ot twice a day and remove all the viruses and security threats.%NEWLINE%- Maximal protection of your computer is enabled ONLY if You turn ON all the Security Status services.%NEWLINE%- Do not use {APPNAME} together with other antivirus softwares.%NEWLINE% It may result some software conflicts between them.%NEWLINE%- If you have any question, please, contact Customer Support Service.%NEWLINE%%NEWLINE%Please, press "OK" button and wait while {APPNAME} will eliminate threats. Please, be patient.%NEWLINE%
[UpdateReminder]
formCaption={APPNAME} Critical Update Notification
lHeader=Warning!
lInfo1=Use database version: {db_old}
lHeader2=The {APPNAME} database is out of date
lInfo2=New version available database: {db_new}
lInfo3=Automatic {APPNAME} updates are necessary to protect your computer against viruses, spyware and known system vulnerabilities.
lInfo4=Malicious software is detected on your PC!
bUpdateNow=Update Now
bLater=Remind Me Later
[ActivateReminder]
formCaption={APPNAME}
lHeader=Your still haven't activated {APPNAME}
lInfo1=Choose as option:
lInfo6=If you haven’t done this yet we advise you to do it as soon as possible.
bRegisterNow=OK
rbActivation=Activate the product
rbLater=Remind me later
[AttackDetected]
formCaption={APPNAME} - Hacker attack detected
lInfo=Your computer is subjected to hacker attack. {APPNAME} has detected that somebody is trying to transfer Your private data via internet. We strongly recommend you to block attack immediately.
bContinue=Register and prevent theft
bRemindLater=No, thanks
[FirewallWarning]
formCaption=Firewall file transfer detected
lHeader=Warning!
lHeader2=Hidden file transfer to remote host was detected
lInfo1={APPNAME} has detected that somebody is trying to transfer Your private data via internet. We strongly recommend you to block attack immediately.
bUpdateNow=Block attack
bLater=Allow
GroupBox1= Details of the attack
Label1=Remote host transfer IP:
Label2=Remote user computer name:
Label3=User:
Label4=IP-address:
[ThreatDetectWarning]
formCaption=Warning! Threat detected!
lHeader=Warning!
lHeader2=Threat module detected on your PC!
lInfo={THREAT} threat has been detected. This threat module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click button below to locate and remove this threat now.
lContinueUnprotected=You are using a trial version.
lRecomPurchase=It is recommended to purchase a commercial version.
bRemoveThreat=Remove Threat
bLater=Ignore
GroupBox1= Details
Label1=Threat name:
Label2=Infected files:
Label3=Alert level:
Label4=Suggestion:
lSuggestion=It is highly recommended to remove this threat from your PC
lAlertLevel=High
lThreatName=Zlob.Porn.Ad
lInfectedFile=1
[NetworkIntrusion]
formCaption=Network intrusion detected!
lHeader=Warning! Network attack detected!
lInfo=Process is trying to steal your passwords listed below. It is highly recommended to block this threat now.
lInfo1=Your computer is being attacked from a remote PC.
lInfo2=Attack from:
lRemoteIP=145.7.151.43:34630
lContinueUnprotected=continue unprotected
Label1=You are using a trial version.
lRecomPurchase=It is recommended to purchase a commercial version.
lvFoundItems=0=Login,1=Password,2=Website URL,
bRegisterNow=Prevent Identity Theft
[BlockAttack]
formCaption=Protection Center Alert
lHeader=To help protect your computer, {APPNAME} has blocked some features of this program
lInfo={APPNAME} has detected unauthorized activity, but unfortunately trial version cannot remove viruses, keyloggers and other treats. Your personal data under serious risk. It is strongly recommended to register Your copy of {APPNAME} and prevent intrusion for future.
lInfo0=Do You want to block this suspicious software?
Label1=Name:
lThreatName=Trojan.Win32.Autoit.agg
Label3=Alert level:
lAlertLevel=High
Label4=Description:
lDescription=It is highly recommended to remove this threat from your PC
bUnblock=Unblock
bLater=Ignore
bRemoveThreat=Remove Threat
[StartUp_v2_1]
formCaption={APPNAME}
lHeader=Warning!
lInfo={APPNAME} has detected {cnt} infected objects on your computer during the last system scan. The threats found on your computer are very likely to create further problems if not fixed immediately, such as:
lInfo1=System slowdown and crash
lInfo2=Hackers can steal your Credit Card details
lInfo3=Your local and online password stolen
lInfo4=Slow web pages loading and browser crashes
lInfo5=Privacy violations during Web surfing
lInfo6=You need registered version of {APPNAME} to remove these infections. Click “Register Now” to activate protection and eliminate these security hazards.
lContinueUnprotected=continue unprotected
lInfo7=Infecting other computers on your network
bRegisterNow=Remove
Mit freundlichen Grüssen
Milan |
