About: Vundo


Attributes   Values
rdf:type
rdfs:label
  • Vundo
sameAs
dcterms:subject
dbkwik:malware/pro...iPageUsesTemplate
Platform
  • Windows
Name
  • Vundo
Type
  • Trojan
AKA
  • Trojan:Win32/Vundo
  • Trojan:Win32/Virtumonde
abstract
  • Vundo infects victims' computers by exploiting a vulnerability in Sun Java 1.5.0.7 (aka Version 5.0 release 7) and earlier versions. An update to Java is a necessary step in the removal of Vundo. Many of the popups advertise fraudulent programs including (but not limited to) Sysprotect, Storage Protector, AntiSpywareMaster, WinFixer, and AntiVirus 2009. There are two main components to the Virtumonde.dll file: Browser Helper Objects and Class ID. Each of these components is in the Windows Registry under Local Machine, and the file names are dynamic. It attaches to the system using bogus Browser Helper Objects and DLL files attached to Winlogon and Explorer.exe. Some recent variants have begun attaching to lsass.exe instead of winlogon.exe. According to Spybot - Search & Destroy scans, there are two Virtumonde.prx files and one Virtumonde.dll file located in the Windows Registry as well as the system32 directory.