Backdoor Andromeda Virus

 

http://vms.drweb.com/virus+anatomy/?lng=en&i=2415

http://www.freedrweb.com/show/?c=19&lng=en&i=2415

 

The program MSDUBMNA.SCR is used for hidden penetration into a PC and for its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with MSDUBMNA.SCR.
Download for free: http://www.unhackme.com

Malware Analysis of MSDUBMNA.SCR
Full path on a computer: C:\Documents and Settings\All Users\Local Settings\Temp\msdubmna.scr

Detected by UnHackMe:

MSDUBMNA.SCR
Default location: C:\Documents and Settings\All Users\Local Settings\Temp\msdubmna.scr

Removal Results: Success
Number of reboots: 1

MSDUBMNA.SCR is known as:

 

Backdoor.Andromeda

MSDUBMNA.SCR hash:

  • MD5: fd2fae29db6a3c050fa11bbb00326d56
The file tries to download information from some web sites.
How to quickly detect the presence of MSDUBMNA.SCR?

 

Folders:
  • C:\Documents and Settings\All Users\Local Settings\Temp
  • %WinDir%\$NtUninstallKB62478$
Files:
  • C:\Documents and Settings\All Users\Local Settings\Temp\msdubmna.scr
  • %SysDir%\dds_trash_log.cmd
  • %SysDir%\NeroMediaHomeService.4.dll

http://greatis.com/blog/backdoor/msdubmna-scr-2.htm