Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
Send us feedback
Thank you for your feedback
We couldn't find the malware. Try searching for the malware you’ve encountered. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
We couldn't find the malware. We’ve returned search results instead. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
Win32/Vundo is a multiple-component family of malware that delivers "out of context" pop-up advertisements. Variants of the family may also download and run other files, including malware and adware.
Vundo is often installed as a browser helper object (BHO) without your consent, by other malware.
This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
This threat is classified as a trojan downloader. It tries to download and install other malware or unwanted software.
Some downloader trojans target specific files on remote websites. Others target a specific URL that points to a website with exploit code that can automatically download and run software or malicious code on your PC.
More details are available in the Win32/Vundo family description.
Trojan:Win32/Vundo.gen!AM is a generic detection and component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
For more information, please see the Win32/Vundo analysis elsewhere in our encyclopedia.
Trojan:Win32/Vundo.gen!BM is a member of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.K is a DLL component that installs itself as a Browser Helper Object and generates popup ads on the user's desktop. The component is injected into explorer.exe by its dropper. The ads may pop up as a visible or hidden window. Trojan:Win32/Vundo.K is packed with a modified version of UPX
Trojan:Win32/Vundo.IB is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.JC is a trojan that may register itself as a BHO (Browser Helper Object) and inject itself into normal Windows processes. It may attempt to terminate certain security processes, and connect to certain servers to possibly download other malware.
Trojan:Win32/Vundo.EL is a component of Win32/Vundo, a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Win32/Vundo is often distributed as a DLL file and installed on a computer as a Browser Helper Object (BHO) without a user's consent. The Vundo family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
For more information, please see the Win32/Vundo family description elsewhere in our encyclopedia.
Trojan:Win32/Vundo is a family of malicious software that consists of executables and dynamic link library (DLL) files that deliver 'out of context' pop-up advertisements on the clients’ machines.
Trojan:Win32/Vundo.AF is a DLL component that installs itself as a Browser Helper Object (BHO), and may show pop-up advertisements on the computers in which it is installed.
Trojan:Win32/Vundo.CL is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Win32/Vundo is a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
TrojanDownloader:Win32/Vundo.F is a trojan that might download and run arbitrary files on your computer. It is a member of the Win32/Vundo malware family, a multiple-component family of programs that deliver "out of context" pop-up advertisements. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.gen!BA is a trojan that injects its code into running processes and downloads and executes arbitrary files, which may include additional malware.
Trojan:Win32/Vundo.gen!AO is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.gen!V is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.gen!Z is a generic detection for variants of Win32/Vundo, a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Win32/Vundo is a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
This trojan dropper can install malware or unwanted software on your PC.
Commonly, it also installs a backdoor which gives a hacker remote access to your PC. A hacker can then upload and install other malware or unwanted software.
More details are available in the Win32/Vundo family description.
This threat is a component of Win32/Vundo - a family of programs that deliver 'out of context' pop-up advertisements. They can also download and run files.
Vundo is often spread as a DLL file and installed on your PC as a Browser Helper Object (BHO) without your consent. The family also uses advanced techniques to avoid detection and removal.