Skip to main content
Published Mar 07, 2010 | Updated Sep 15, 2017

Trojan:Win32/Vundo.KA

Detected by Microsoft Defender Antivirus

Aliases: Win-Trojan/Downloader.35840.BZ (AhnLab) Trojan-Downloader.Win32.Small.hgg (Kaspersky) W32/DLoader.HTVA (Norman) Win32/Vundo.HH (CA) Trojan.Virtumod.based (Dr.Web) Win32/Adware.Virtumonde.NBY (ESET) Trojan.Virtumod (Ikarus) Troj/Virtum-Gen (Sophos) Virtumonde (Sunbelt Software) Trojan.Vundo (Symantec) Mal_Vundo (Trend Micro)

Summary

Trojan:Win32/Vundo.KA is a trojan that injects itself into running processes to avoid detection. It connects to a remote server to send information about the infected computer and to possibly download and execute other files. It also terminates or modifies certain processes that may be related to antispyware programs.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as Microsoft Security Essentials, or the Microsoft Safety Scanner. For more information about using antivirus software, see http://www.microsoft.com/security/antivirus/av.aspx.
Follow us