Version 5.0.50
2008 12 27
Infection: Goldun
O20 - Winlogon Notify: modzlib - C:\WINDOWS\system32\modzlib.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\modzlib
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gzvba.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\gzvba.sys
Files:
system32\modzlib.dll
system32\gzvba.sys
Infection: Trojan-Downloader.Win32.BHO.aej - TrojanSpy:Win32/Ambler.D - Trojan-Dropper.Win32.Ambler
O2 - BHO: Google plugin - {18CACF0E-72A4-4be1-AA42-DC2ECDB197F1} - C:\WINDOWS\system32\kcms.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18CACF0E-72A4-4be1-AA42-DC2ECDB197F1}
Files:
system32\alog.txt
system32\bb1.dat
system32\kcms.dll
system32\mx
system32\ps1.dat
system32\rc.dat
Infection: Virus.Neshta - Trojan-Banker.Win32.Banker.ghd - TSPY_BANKER.LJU TrojanSpy:Win32/Ambler.A - Trojan-Spy.Win32.Banker
Files:
system32\accs.txt
system32\cookie.dat
system32\ps.dat
Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
How to remove Security Suite
2 jaar geleden
Posts
Geen opmerkingen:
Een reactie posten