We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Virtumonde.O
Detected by Microsoft Defender Antivirus
Aliases: Packed.Win32.Klone.k (Kaspersky) Vundo (McAfee) W32/Suspicious_U.gen (Norman) Packed.Win32.Klone.k (Sunbelt Software) TROJ_KLONE.BX (Trend Micro)
Summary
Trojan:Win32/Virtumonde.O is a Trojan dynamic link library (DLL) that installs itself as a Browser Helper Object (BHO) and generates popup advertisements on a user's desktop. The component is injected into EXPLORER.EXE by a dropper Trojan. Advertisements may appear as a visible window or may be hidden from view.
Trojan:Win32/Virtumonde.O may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx