Should I remove “Win32/Bundpil.AN”?

The Win32/Bundpil.AN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Bundpil.AN virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Win32/Bundpil.AN?


File Info:
name: 2984124EA4BCB56C2F3A.mlw
path: /opt/CAPEv2/storage/binaries/6933045927eb257edf277b644d1433ee83057edc7a7385a2420d4d4a522d66bb
crc32: 126432DD
md5: 2984124ea4bcb56c2f3a4dffc5b92a1f
sha1: 9df53183da6c934157fed4e16ab27165a0aef5d3
sha256: 6933045927eb257edf277b644d1433ee83057edc7a7385a2420d4d4a522d66bb
sha512: 85ee38a5e055b25c24ac3ffbc710256e1fda47c12cd5845bb7ea26fd344c898aa0afb1b619929e3afc12879b474a3bdc7fc2d17aefb9e7faa79b543d7b9d035d
ssdeep: 96:Hxvtj+jhjvj3jcZGOiIWrZ1sRUSqAzR4SNKCwafyv:H5t6djbgYRBbsWS+SNKMfyv
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T157D16017C3620683CD9433B628A9A48B29DC4D0B9C382DA5F0D46D069FE6C0F5CEF95E
sha3_384: e414904675fad98d641176f565c8136277caf51b766d4c2ff8d43640fd9363cd096c72e027f2a2da9a08b3bb15a91cde
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2013-06-07 13:34:36

Version Info:
0: [No Data]

Win32/Bundpil.AN also known as:

Bkav	W32.FamVT.DebrisA.Worm
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Barys.381598
FireEye	Generic.mg.2984124ea4bcb56c
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	BehavesLike.Win32.Worm.xt
ALYac	Gen:Variant.Barys.381598
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	EmailWorm ( 0040f50c1 )
K7GW	Trojan ( 004436271 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq5@aWYDZXo
VirIT	Worm.Win32.Generic.GKJ
Symantec	Trojan.Dropper
tehtris	Generic.Malware
ESET-NOD32	Win32/Bundpil.AN
APEX	Malicious
TrendMicro-HouseCall	WORM_GAMARUE.SML
ClamAV	Win.Adware.Downware-314
Kaspersky	Worm.Win32.Debris.b
BitDefender	Gen:Variant.Barys.381598
NANO-Antivirus	Trojan.Win32.Agent.cstbfl
SUPERAntiSpyware	Trojan.Agent/Gen-Crypt
Avast	Win32:Gamarue-BS [Wrm]
Tencent	Worm.Win32.Debris.a
TACHYON	Worm/W32.Debris.6252.C
Emsisoft	Gen:Variant.Barys.381598 (B)
Baidu	Win32.Worm.Bundpil.a
F-Secure	Worm.WORM/Gamarue.600541
DrWeb	Trojan.MulDrop4.25343
Zillya	Worm.DebrisGen.Win32.28
TrendMicro	WORM_GAMARUE.SML
Sophos	Troj/Agent-ACCV
SentinelOne	Static AI – Malicious PE
Jiangmin	Worm/Agent.cok
Webroot	W32.Worm.Gen
Varist	W32/Csyr.B.gen!Eldorado
Avira	WORM/Gamarue.600541
Antiy-AVL	Worm/Win32.Agent
Kingsoft	malware.kb.a.971
Microsoft	TrojanDownloader:Win32/Andromeda!pz
Xcitium	TrojWare.Win32.Debris.JOUE@4ygmsm
Arcabit	Trojan.Barys.D5D29E
ZoneAlarm	Worm.Win32.Debris.b
GData	Win32.Worm.Gamarue.AQ
Cynet	Malicious (score: 100)
AhnLab-V3	Worm/Win32.Agent.R69836
Acronis	suspicious
McAfee	W32/Worm-FKH!2984124EA4BC
Google	Detected
MAX	malware (ai score=84)
VBA32	Worm.Gamarue
Cylance	unsafe
Panda	Generic Suspicious
Rising	Worm.Gamarue!1.9CC1 (CLASSIC)
Yandex	Trojan.GenAsa!lnBPIR2s9Jw
Ikarus	Worm.Win32.Agent
MaxSecure	Worm.Agent.pvg
Fortinet	W32/Agent.AF!worm
AVG	Win32:Gamarue-BS [Wrm]
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.30743dd2

How to remove Win32/Bundpil.AN?

Win32/Bundpil.AN removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X