Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
Send us feedback
Thank you for your feedback
We couldn't find the malware. Try searching for the malware you’ve encountered. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
We couldn't find the malware. We’ve returned search results instead. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
Trojan:Win32/Vundo.K is a DLL component that installs itself as a Browser Helper Object and generates popup ads on the user's desktop. The component is injected into explorer.exe by its dropper. The ads may pop up as a visible or hidden window. Trojan:Win32/Vundo.K is packed with a modified version of UPX
Win32/Vundo is a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Win32/Vundo is often distributed as a DLL file and installed on a computer as a Browser Helper Object (BHO) without a user's consent. The Vundo family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo is a family of malicious software that consists of executables and dynamic link library (DLL) files that deliver 'out of context' pop-up advertisements on the clients’ machines.
Trojan:Win32/Vundo.AF is a DLL component that installs itself as a Browser Helper Object (BHO), and may show pop-up advertisements on the computers in which it is installed.
Trojan:Win32/Vundo.HJ is a variant of Win32/Vundo, a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Trojan:Win32/Vundo.gen!BA is a trojan that injects its code into running processes and downloads and executes arbitrary files, which may include additional malware.
Trojan:Win32/Vundo.IG is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files. Win32/Vundo.IG may exist on a computer as a dynamic link library (DLL) or as an executable.
TrojanDropper:Win32/Vundo.H is a trojan that installs a variant of Win32/Vundo detected as Trojan:Win32/Vundo.gen!C. Win32/Vundo.gen!C is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files.
Trojan:Win32/Vundo.gen!X is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files. Win32/Vundo.gen!X may exist on a computer as a dynamic link library (DLL) or as an executable. Some variants function as Browser Helper Objects (BHOs). It may also use defensive methods to make itself difficult to remove from the affected machine.
This trojan dropper can install malware or unwanted software on your PC.
Commonly, it also installs a backdoor which gives a hacker remote access to your PC. A hacker can then upload and install other malware or unwanted software.
More details are available in the Win32/Vundo family description.
Trojan:Win32/Conhook.N is a trojan that installs itself as a BHO (Browser Helper Object). It attempts to lower Internet Explorer security settings and monitor user activities. It may also download and install rogue antivirus products on the system.
This threat is classified as a trojan downloader. It tries to download and install other malware or unwanted software.
Some downloader trojans target specific files on remote websites. Others target a specific URL that points to a website with exploit code that can automatically download and run software or malicious code on your PC.
More details are available in the Win32/Vundo family description.