Version 5.0.36
2008 11 09
Infection: Goldun
Added a new variant that is using the appinit key to load.
Filename is semi-random.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs" = "%System%\mms******.dll"
Files:
%System%\DefaultColor.info
%System%\mms******.dll
Use haxfix to remove this infection.
Removalinstructions for this infection, you can find here or here.
How to remove Security Suite
2 jaar geleden
Posts
Geen opmerkingen:
Een reactie posten