- This detection is for installation packages that mostly bundle itself with toolbars or Browser Helper Objects (BHO).
- The installation mostly goes by the name VGrabber.
- Most of the dropped files of this application are placed under the folder undefinedProgramFilesundefined\vGrabber.
- Below are some sample screenshots of the installation process:
- Figure 1: Installation with bundled Babylon toolbar.
- Figure 2: Installation with bundled SweetIM toolbar.
- Figure 3: Installation with bundled PriceGong adware.
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.