Saturday, November 12, 2011

System Restore v1.1 (FakeAV) - 11.12.2011 - Analysis and Removal

JGFMXz1Ipf65 and JGFMXz1Ipf65.exe in %CommonAppData%

"System Restore" entry in the start menu and an icon on the desktop.

Mostly likely will need to make use of TDSSKiller as appears it installs a TDLFS and Rookit.Boot.SST.b which causes browser redirects.

Funf D - Counted

No comments:

Post a Comment