Wednesday, 12 November 2008

Haxfix version 5.0.38

Version 5.0.38
2008 11 12

Infection: Haxdoor

O20 - Winlogon Notify: mt49hub - C:\WINDOWS\SYSTEM32\mt49hub.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mt49hub

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msvtch
"ImagePath" = "system32\msvtch.sys"
"DisplayName" = "Kernel Mode SND msvtcher"

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\msvtch.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\msvtch.sys


Files:
system32\adrnln.bin
system32\mt49hub.dll
system32\msvtch.sys



Infection: SpyBanker

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{850C7964-9320-4055-BE11-7D7B562A6417}


Files:
system32\Helper.dll
system32\Helper1.dll
system32\mstrans.dll



Use Haxfix to remove this infection.
Removal instructions for this infection can be found here or here.
