Home / malware Trojan:Win32/Vundo.gen!AS
First posted on 06 July 2009.
Source: SecurityHomeAliases :
Trojan:Win32/Vundo.gen!AS is also known as Also Known As:Trojan-Downloader.Win32.Clopack.a (Kaspersky).
Explanation :
Trojan:Win32/Vundo.gen!AS is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files, which can include additional malware or potentially unwanted software.
Symptoms
For information on symptoms, please see the Win32/Vundo analysis elsewhere in our encyclopedia.
Trojan:Win32/Vundo.gen!AS is a component of Win32/Vundo - a multiple-component family of programs that deliver 'out of context' pop-up advertisements. They may also download and execute arbitrary files, which can include additional malware or potentially unwanted software. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
For more information, please see the Win32/Vundo analysis elsewhere in our encyclopedia. Note: Files detected as Trojan:Win32/Vundo.gen!AS may previously have been detected as Trojan:Win32/Vundo.gen!AN.
Analysis by Marian RaduLast update 06 July 2009
