Home / malwarePDF  

Trojan:Win32/Vundo.IB


First posted on 04 February 2009.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:Win32/Vundo.IB.

Explanation :

Trojan:Win32/Vundo.IB is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Trojan:Win32/Vundo.IB is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.

For more information, please see the Win32/Vundo analysis elsewhere in our encyclopedia.

Analysis by Marian Radu

Last update 04 February 2009

 

TOP