We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Vundo.K
Detected by Microsoft Defender Antivirus
Aliases: Win32/Vundo!generic (CA) W32/Virtumonde.TY (Norman) Adware.VirtuMonde (Symantec)
Summary
Trojan:Win32/Vundo.K is a DLL component that installs itself as a Browser Helper Object and generates popup ads on the user's desktop. The component is injected into explorer.exe by its dropper. The ads may pop up as a visible or hidden window. Trojan:Win32/Vundo.K is packed with a modified version of UPX
Use up-to-date antivirus software
It is best to use an automatic recovery method such as the Microsoft Malicious Software Removal Tool (http://www.microsoft.com/security/malwareremove/default.mspx) or the Microsoft Safety Scanner at the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742).