We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Vundo.gen!AW
Aliases: Win-Trojan/Vundo.63488.M (AhnLab) Backdoor.Win32.Buterat.avp (Kaspersky) Backdoor.Buterat!OtIZ4eqzMNk (VirusBuster) BDS/Buterat.avp (Avira) Backdoor.Win32.Buterat (Ikarus) W32/Bamital.P (McAfee) TROJ_ZKRYPT.SMIH (Trend Micro)
Summary
Trojan:Win32/Vundo.gen!AW is the generic detection for components of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files.
Win32/Vundo is often distributed as a DLL file and installed on an affected computer as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
For more information, please see the Win32/Vundo analysis elsewhere in the Microsoft Malware Protection Center encyclopedia.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials
- Microsoft Safety Scanner
- Windows Defender
- Microsoft Windows Malicious Software Removal Tool
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.