BOVXDYYO.EXE – Trojan Androm removal

File	MD5	Virus Alias
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Trojan Androm
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Trojan Ransom
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Trojan Generic
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Trojan Graftor
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Adware InstallCore
BOVXDYYO.EXE	f5c2679635fbf54936a99a1f82cfbb6c	Trojan Agent

BOVXDYYO.EXE size: 198656 bytes
BOVXDYYO.EXE hash: F5C2679635FBF54936A99A1F82CFBB6C

Created files:

%Program Files%\NetMeeting\nuEPOvTr.exe
%Local AppData%\Microsoft\BovXdYyO.exe
%SysDir%\config\systemprofile\Start Menu\Programs\Startup\sdmmVYnN.exe
%TEMP%\OLCjeUbW.exe
%AppData%\Microsoft\Crypto\RSA\S-1-5-21-515967899-854245398-1708537768-1003\655a7350831c302c746f72e92c1ab924_78de4566-a5cc-4192-bf8d-014e0d2bd235

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,,%Program Files%\NetMeeting\nuEPOvTr.exe
HKLM\System\CurrentControlSet\Services\wscsvc\Start: 04000000
HKLM\System\CurrentControlSet\Services\wuauserv\Start: 04000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AkjsDDLS: %WinDir%\System32\config\Systemprofile\Local Settings\Application Data\Microsoft\BovXdYyO.exe

Detected by UnHackMe:

BOVXDYYO.EXE
Default location: %LOCAL APPDATA%\MICROSOFT\BOVXDYYO.EXE

Dropper information:
MD5: f5c2679635fbf54936a99a1f82cfbb6c
File size: 198656 bytes

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

BOVXDYYO.EXE – Trojan Androm removal

Created files:

Autostart registry keys:

Detected by UnHackMe:

Leave a Reply Cancel reply