Version 5.0.29
2008 10 24
Infection Goldun.
O2 - BHO: (no name) - {7ACB5731-5839-13AB-EABC-124791194525} - C:\WINDOWS\ system32\msindeo.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ACB5731-5839-13AB-EABC-124791194525}]
O21 - SSODL: msindeo.dll - {7ACB5731-5839-13AB-EABC-124791194525} - C:\WINDOWS\ system32\msindeo.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"msindeo.dll" = "{7ACB5731-5839-13AB-EABC-124791194525}"
File:
system32\msindeo.dll
Infection Haxdoor / Goldun.
O20 - Winlogon Notify: acpiz - C:\WINDOWS\SYSTEM32\acpiz.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acpiz]
O20 - Winlogon Notify: hpstp - C:\WINDOWS\SYSTEM32\hpstp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hpstp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmram]
Files:
system32\acpiz.dll
system32\acup.sys
system32\dmram.sys
system32\hpstp.dll
Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
How to remove Security Suite
2 jaar geleden
Posts
Geen opmerkingen:
Een reactie posten