Riskware/Bundlore
Analysis
- This detection is for installation packages that mostly bundle themselves with toolbars or Browser Helper Objects (BHO).
- The installation mostly goes by the name VGrabber.
- Most of the dropped files of this application are placed under the folder %ProgramFiles%\vGrabber.
- Below are some sample screenshots of the installation process:
- Figure 1: Installation with bundled Babylon toolbar.
- Figure 2: Installation with bundled SweetIM toolbar.
- Figure 3: Installation with bundled PriceGong adware.
Recommended Action
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system. If required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |