TMP78178.EXE – Backdoor Andromeda

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

TMP78178.EXE – Backdoor Andromeda removal

FileMD5Virus Alias
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Backdoor Andromeda
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Trojan Generic
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Trojan Androm
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Worm Gamarue
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Trojan Crypt
TMP78178.EXE f6b2855a68164ed2959e573f4c9d14b4 Virus Vbcrypt

TMP78178.EXE size: 180224 bytes
TMP78178.EXE hash: F6B2855A68164ED2959E573F4C9D14B4

Created files:

%TEMP%\tmp78178.exe
%AllUsersProfile%\explorer.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Start WingMan Profiler: %AllUsersProfile%\explorer.exe

Detected by UnHackMe:

TMP78178.EXE
Default location: %TEMP%\TMP78178.EXE

Dropper information:
MD5: f6b2855a68164ed2959e573f4c9d14b4
File size: 180224 bytes

Leave a Reply