We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDownloader:Win32/Kuluoz.B
Aliases: VirTool:Win32/Injector.gen!BB (other) Trojan-Dropper.Win32.Dapato.bipz (Kaspersky) Mal/EncPk-AFA (Sophos) Mal/Kuluoz-C (Sophos)
Summary
Windows Defender Antivirus detects and removes this threat.
This trojan tries to connect your PC to a remote server to receive instructions from a malicious hacker. The hacker can then tell the trojan to perform any number of actions, including to download and run files. We have seen this trojan download variants of the rogue security scanner Rogue:Win32/Winwebsec.
There is more information in the Win32/Kuluoz family description.
Use the following free Microsoft software to detect and remove this threat:
- Microsoft Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
You should also run a full scan. A full scan might find other, hidden malware.
Protect your sensitive information
This threat tries to steal your sensitive and confidential information. If you think your information has been stolen, see:
You should change your passwords after you've removed this threat:
Get more help
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
If you’re using Windows XP, see our Windows XP end of support page.
