donderdag 21 mei 2009

Haxfix version 5.0.78

Version 5.078
2009 05 21

Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{7C7EFE99-C71F-48b8-8CC8-BA506CA76A33}

File:
system32\xagkf32.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{1925C7E1-5540-4675-8198-8A2779D4072A}

File:
system32\msfgw32.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{D6E0FAFC-2B61-4753-B3DA-D83BE96A2C39}

File:
system32\mashtuic32.dll



Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
Gepost door Marc op 10:23 0 reacties
Labels: ,

zondag 10 mei 2009

Haxfix version 5.0.77

Version 5.0.77
2009 05 10

Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{FFCC6792-7219-4ff8-98D2-5D632A5FA01C}
system32\al.txt
system32\dz1.txt
system32\kixm32.dll
system32\opxd
system32\p1.txt
system32\r24.txt


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{C3221010-0AD7-4c09-B17B-EDCFFDA4B7F9}
system32\fow64.dll


Infection: SpyBanker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{DCF49866-8F81-4F5F-8193-7EC75A2AB321}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}


Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper obJects\{73364D99-1240-4dff-B11A-67E448373048}

File:
system32\ipv6mons.dll
Gepost door Marc op 12:23 0 reacties
Labels: ,

vrijdag 1 mei 2009

Haxfix version 5.0.76

Version 5.0.76
2009 05 01

Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rksocket
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rkskt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rkskt.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rkskt.sys

Files:
system32\hrpdcf.bin
system32\rkskt.sys
system32\rksocket.dll


Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmod11

File:
system32\pmod11.dll



Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
Gepost door Marc op 19:17 0 reacties
Labels: ,
Abonneren op: Posts (Atom)