Solved! Use WINDOWSOTURUM.EXE (Backdoor Poison) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

WINDOWSOTURUM.EXE – Backdoor Poison removal

FileMD5Virus Alias
WINDOWSOTURUM.EXE a368d4de30159438f1a042780f168941 Backdoor Poison
WINDOWSOTURUM.EXE a368d4de30159438f1a042780f168941 Trojan Win32-Spy
WINDOWSOTURUM.EXE a368d4de30159438f1a042780f168941 Trojan Downloader
WINDOWSOTURUM.EXE a368d4de30159438f1a042780f168941 Fake Antivirus FakeVimes
WINDOWSOTURUM.EXE a368d4de30159438f1a042780f168941 Trojan Crypt

WINDOWSOTURUM.EXE size: 770313 bytes
WINDOWSOTURUM.EXE hash: A368D4DE30159438F1A042780F168941

Created files:

C:\HOTSPOTSHIELD_BY_ANCHORFREE_317-589.EXE
%SysDir%\HOTSPOTSHIELD_BY_ANCHORFREE_317-589.EXE
%SysDir%\WINDOWSOTURUM.EXE
%WinDir%OTURUM.EXE
%AppData%\Windows Sesion Manager.exe

Autostart registry keys:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Sesion Manager: “%AppData%\Windows Sesion Manager.exe”

Detected by UnHackMe:

WINDOWSOTURUM.EXE
Default location: %WinDir%OTURUM.EXE

Dropper information:
MD5: 2425cfc4127a8cdd8bc13a37f1783895
File size: 1501184 bytes

Leave a Reply