Version 5.0.33
2008 11 01
Infection Haxdoor / Goldun.
O20 - Winlogon Notify: kryostm - C:\Windows\System32\kryostm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\kryostm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\kryo2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\kryo2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kryo2]
"DisplayName" = "CPU FUN Controller"
Files:
system32\kryostm.dll
system32\kryo2.sys
Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
How to remove Security Suite
2 jaar geleden
Posts
Geen opmerkingen:
Een reactie posten