Removed: umdmgr.exe

February 15, 2010 by NightWatcher
Filed under: Malware

Malware: C:\sand-box\13a04f20a93c84b6bd1f3b77e3ef68e4.exe
Removed: C:\WINDOWS\system32\umdmgr.exe
—————————————————————————————————————————-
Classification:

Antivirus	Version	Last Update	Result
F-Secure	9.0.15370.0	2010.02.12	-
Kaspersky	7.0.0.125	2010.02.12	-
McAfee	5890	2010.02.12	-
Microsoft	1.5406	2010.02.12	-
NOD32	4861	2010.02.12	-
Symantec	20091.2.0.41	2010.02.12	Suspicious.Insight

—————————————————————————————————————————-
Additional information
File size: 217095 bytes
MD5 : adb46e2b4d0313d8fe770591e826a436
SHA1 : 5271544cdb216d9874e877b95816f4cd4efc1226
SHA256: 34aa81845b990265d63826a6c486c97753c0d52e14ce09dfce66f209bc54b6dc
—————————————————————————————————————————-
Installation
When the program is executed, it creates the following registry subkeys and values:

———————————-
Keys added:1
———————————-
HKLM\SOFTWARE\Microsoft\DownloadManager

———————————-
Values added:1
———————————-
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\13a04f20a93c84b6bd1f3b77e3ef68e4: “C:\WINDOWS\system32\umdmgr.exe”

———————————-
Files added:2
———————————-
C:\Documents and Settings\Administrator\Local Settings\Temp\umdmgr.ini
C:\WINDOWS\system32\umdmgr.exe

———————————-
Files deleted:1
———————————-
C:\sand-box\13a04f20a93c84b6bd1f3b77e3ef68e4.exe

———————————-
Total changes:5
———————————-

—————————————————————————————————————————-
Detected by UnHackMe:

Item Name: 13a04f20a93c84b6bd1f3b77e3ef68e4
Author: Unknown
Related File: C:\WINDOWS\system32\umdmgr.exe
Type: Registry Run

Item Name: umdmgr.exe
Author: Unknown
Related File: C:\WINDOWS\SYSTEM32\UMDMGR.EXE
Type: Running Processes

Removal Results: Success
Number of reboot: 1
—————————————————————————————————————————-
Recommended software:
UnHackMe anti-rootkit and anti-malware
http://www.unhackme.com
RegRun Security Suite (Good choice for removal and protection)
http://www.regrun.com

Remove it now!

Tags: umdmgr.exe, worldadult.biz

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Greatis Software
- Free Download
- Send a file
AverScanner

AverScaner- EveryDay Malware Scan
Testimonials

People say

Greg
I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!
This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.
In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!
Joseph
Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.
Bob
The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

Click Here to Update All your PC's Outdated drivers
Categories
- Adware
- Backdoor
- Fake Driver-Codec
- Fake System Tool
- FakeAV
- Malware
- Malware Domain
- Not-a-Virus
- Ransomware
- Rootkit
- unknown
- Virus
- Worm
Recent Posts

Remember: the best way to remove rootkits is from the outside!
Blogroll
Popular
Tags

3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Darkbot Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Kraddare lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus Votwup winlogon.exe Worm ZeroAccess

Malware Analysis and Removal

Removed: umdmgr.exe

Comments

Greatis Software

AverScanner

Testimonials

People say

Categories

Recent Posts

Blogroll

Popular

Tags