We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Vundo.EL
Detected by Microsoft Defender Antivirus
Aliases: Troj/Virtum-Gen (Sophos) Trojan.Win32.Mondera.gen (Kaspersky) not-a-virus:AdWare.Win32.Virtumonde.umu (Kaspersky) Trojan.Vundo (Symantec) Win32/VMalum.DAKS (CA)
Summary
Trojan:Win32/Vundo.EL is a component of Win32/Vundo, a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Win32/Vundo is often distributed as a DLL file and installed on a computer as a Browser Helper Object (BHO) without a user's consent. The Vundo family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
For more information, please see the Win32/Vundo family description elsewhere in our encyclopedia.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us
