|
|
| Cowabanga Cowabanga.exe yazzle.exe
|
|
Cowabanga, Cowabanga.exe, yazzle.exe
Yazzle.Cowabanga is an ad supported desktop game that is installed through security exploits. Yazzle.Cowabanga are products from are from Clickspring LLC, known as the makers of PurityScan (rogue anti-spyware program)
Adware.MediaTicket - :Adware/PurityScan - Downloader-EV - Trojan horse Dropper.Generic.FRP - Adware.Yazzle
Author Clickspring LLC, Outer Info Network
Author Description "Play Cowabanga, the crazy heifer-whackin' game, anytime with our free download!"
Author URL yazzle.net/games/cowabanga
Avenger
registry keys to delete:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Cowabanga
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cowabanga
HKEY_LOCAL_MACHINE\SOFTWARE\Cowabanga
Files to delete:
C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx
C:\WINDOWS\Temp\!update.exe
Folders to delete:
C:\Programme\Cowabanga
C:\Dokumente und Einstellungen\%Username%\Startmenü\Programme\Games
|
Start - Programme - Zubehör - Systemprogramme - Datenträgerbereinigung
- Click:Temporäre Internet Files/Temporäre Internet Dateien, o.k.
- Click:Temporäre Dateien, o.k
Klicke: Start -Ausführen- schreib rein: cmd
dann kopiere in das schwarze DOS-Fenster:
del %windir%\temp\*.* /f
klicke "enter"
schreibe Y
Verzeichnis von Programme
Cowabanga by OIN
Verzeichnis von C:\Programme\Cowabanga
02.05.2006 16.929 License.txt
C:\Programme\Cowabanga\Cowabanga.exe
C:\Programme\Cowabanga\License.txt
C:\Programme\Cowabanga\uninstaller.exe
C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx
C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temp\win14E.tmp.exe
C:\WINDOWS\Temp\win254E.tmp.exe
cowabangainstaller.exe
yazzle.exe
C:\Documents and Settings\User\Start Menu\Programs\Games\Cowabanga.lnk
anwenden:
Combofix « Adaware « AVG Anti-Spyware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Cowabanga
HKEY_CLASSES_ROOT\Interface\{665AC8E7-8B9B-40D9-A24D-C134052B6168}
HKEY_CLASSES_ROOT\Interface\{665AC8E7-8B9B-40D9-A24D-C134052B6168} _DYazzleActiveX
HKEY_CLASSES_ROOT\Interface\{907977FB-8835-483F-9979-AE3101DD3D17}
HKEY_CLASSES_ROOT\Interface\{907977FB-8835-483F-9979-AE3101DD3D17} _DYazzleActiveXEvents
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0 goicfboogidikkejccmclpieicihhlpo pjimiopdmppebmmkjdkikaomfiehfbhb
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0 goicfboogidikkejccmclpieicihhlpo pjimiopdmppebmmkjdkikaomfiehfbhb
|
|