Trojan:Win32/Vundo.ME

Detected by Microsoft Defender Antivirus

Aliases: Packed.Win32.Tdss.aa (Kaspersky) Troj/Virtum-Gen (Sophos) Packed.Win32.Tdss (Ikarus) FakeAlert-JU (McAfee) Trojan.Metajuan (Symantec)

Summary

Trojan:Win32/Vundo.ME is a trojan that is a member of Win32/Vundo - a multiple-component family of programs that deliver out-of-context pop-up advertisements. They may also download and execute arbitrary files.

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Additional Recovery Steps

This threat may make lasting changes to an affected system’s configuration that will NOT be restored by detecting and removing this threat. For more information on returning an affected system to its pre-infected state, please see the following article/s:

Enabling the Phishing Filter in Internet Explorer 7 and 8: http://support.microsoft.com/kb/930168
For other support and help related articles, go to:

Windows 7: http://support.microsoft.com/gp/windows7
Windows Vista: http://support.microsoft.com/ph/11732

Windows XP: http://support.microsoft.com/ph/1173

Trojan:Win32/Vundo.ME

Summary

What to do now

Additional Recovery Steps

Technical information

Threat behavior

Installation

Payload

Additional Information

Prevention

Symptoms