zondag 12 april 2009

HaxFix version 5.0.73

Version 5.0.73
2009 04 12

Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ntpdxt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntpdxt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ntpdxt.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntpdxt.sys

Files:
ntpdxt.dll
ntpdxt.sys


Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sphub
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sphub
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sphub.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sphub.sys

Files:
system32\sphub.dll
system32\sphub.sys


Infection: Troj/Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{56BB6D01-7BD5-4458-A4AE-F03DF643D6EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{C2C3339C-2559-4b81-B9EF-CBAF906D5DA2}

Files:
bxx.txt
sft.res
system32\smstf.dll
system32\trinf32.dll



Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.

Geen opmerkingen: