Verion 5.0.59
2009 01 21
Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rssync
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdsync
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rdsync.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsync.sys
Files:
system32\a9k.bin
system32\hrpdcf.bin
system32\rdsync.sys
system32\rssync.dll
Infection: Banker Trojan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6458C00E-EF7F-4f06-9E06-49EA923386FD}
HKEY_LOCAL_MACHINE\SOFTWARE\AmSoft
File:
system32\kj32.dll
Infection: Trojan/Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89F2C12A-027A-4de3-88F6-9F31A1C0F17C}
Files:
system32\alog.txt
system32\bb1.dat
system32\cs.dat
system32\ps1.dat
system32\rc.dat
system32\rs
system32\tb.dr
system32\xlk.dll
system32\xwa.dll
Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
How to remove Security Suite
2 jaar geleden
Posts
Geen opmerkingen:
Een reactie posten