How to remove “Trojan:Win32/Vundo!AA”?

The Trojan:Win32/Vundo!AA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Vundo!AA virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Vundo!AA?


File Info:
name: F3D652C46DF0A173DB27.mlw
path: /opt/CAPEv2/storage/binaries/d5a117a765c9d53f23344d15c9f0dae29feb393644cbe5d4983af50f69b3e526
crc32: 6D66BA76
md5: f3d652c46df0a173db275ead6f862c68
sha1: bdce8d65286903d785a9d19bbc1eaf5937da7c6c
sha256: d5a117a765c9d53f23344d15c9f0dae29feb393644cbe5d4983af50f69b3e526
sha512: f9e6599126ea054c4c81be7e013b10ebd20f11fad56e613520f7b802b4bb84edc0364cb70e41108edd4746362b71a2bef57f2d9b8945e443a59ee46057723c89
ssdeep: 768:3wJYfN7EEl6f1tCIuPmTP+NIZe/cnVmVkovcWw2l2eKbjROi9PiOSJ2QG4Yx:gaFdlu7oWPZIkVVucWJAe6N9PirJxGbx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D243BF87796ECAD5DDC789FACC8B2D1631477AA4FA02CF13620C29692E65435E13EF04
sha3_384: 4bc4c2fe1d8a7834df35d8dd02f270b9677a09e4cbbc0604564976b6ba5f22f1374c3ed76573e50bb716282468b97b8b
ep_bytes: 558bec538b5d08568b750c85f6578b7d
timestamp: 1975-04-24 18:19:06

Version Info:
0: [No Data]

Trojan:Win32/Vundo!AA also known as:

Bkav	W32.CNCmonder.Heur
Lionic	Trojan.Win32.Generic.laTc
AVG	Win32:Susn-C [Trj]
MicroWorld-eScan	Trojan.Vundo.Gen.4
FireEye	Generic.mg.f3d652c46df0a173
Skyhigh	BehavesLike.Win32.VirRansom.qc
McAfee	Vundo
Malwarebytes	Trojan.Vundo
Zillya	Trojan.Monder.Win32.801
Sangfor	Suspicious.Win32.Save.a
Alibaba	Trojan:Win32/Monderd.839e81fb
Cybereason	malicious.46df0a
VirIT	Trojan.Win32.Vundo.FI
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Adware.Virtumonde.NDI
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Trojan.Vundo-10100
Kaspersky	Trojan.Win32.Monderd.gen
BitDefender	Trojan.Vundo.Gen.4
NANO-Antivirus	Virus.Win32.Gen-Crypt.ccnc
Avast	Win32:Susn-C [Trj]
Tencent	Win32.Trojan.Monderd.Vimw
TACHYON	Trojan/W32.Monder.56320.O
Sophos	Troj/Virtum-Gen
F-Secure	Trojan.TR/Drop.Agent.NAO
DrWeb	Trojan.Virtumod.853
VIPRE	Trojan.Vundo.Gen.4
TrendMicro	TROJ_VUNDO.SMAD
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.Vundo.Gen.4 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan/Monder.alrj
Varist	W32/Trojan.CDHO-4977
Avira	TR/Drop.Agent.NAO
Antiy-AVL	Trojan/Win32.Monderd
Kingsoft	Win32.Trojan.Monderd.gen
Microsoft	Trojan:Win32/Vundo.gen!AA
Xcitium	TrojWare.Win32.Virtumonde.~AF@yihb
Arcabit	Trojan.Vundo.Gen.4
ViRobot	Trojan.Win32.Monder.56320.Q
ZoneAlarm	Trojan.Win32.Monderd.gen
GData	Trojan.Vundo.Gen.4
Google	Detected
AhnLab-V3	Trojan/Win32.Vundo.R9398
BitDefenderTheta	AI:Packer.8F79D2811E
ALYac	Trojan.Vundo.Gen.4
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Monderd
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_VUNDO.SMAD
Rising	Trojan.Vundo!8.4FC (TFE:3:MMFCWBe7ewN)
Ikarus	Packer.Win32.Tdss
MaxSecure	Trojan.Monderd.gen
Fortinet	W32/Vundo.GAL!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)
alibabacloud	Trojan:Win/Virtumonde.NDI

How to remove Trojan:Win32/Vundo!AA?

Trojan:Win32/Vundo!AA removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X