Sunday 26 July 2009

Haxfix version 5.0.84

Version 5.084
2009 07 26

Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rbadmm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rbadmm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rbadmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rbadmm.sys

Files:
system32\rbadma.sys
system32\rbadmm.dll


Infection: Goldun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rbadzm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rbadza
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rbadza.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rbadza.sys

Files:
system32\rbadza.sys
system32\rbadzm.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ED78190A-DFB2-4336-A960-979CD88F7A8D}


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61DC85A0-4A32-4c38-92CF-24652B3F416C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{544735C9-AE13-4721-9DE7-D529BE675038}

Files:
system32\locsock32.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFF01325-0FC2-4749-8914-FBF0565AD9CC}

Files:
system32\jbnmcd.dll
system32\jbnmck.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{480FA3BD-A372-4f65-9F8A-15DF38F4E2AB}

Files:
system32\pcmfd3.dll


Infection: Trojan Ambler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{996D4E16-517F-474a-870F-F882C6133C47}

Files:
system32\gacaq32.dll


Use Haxfix to remove this infection.
Removal instructions for this infection can be found here or here.