What is “Backdoor.Win32.Androm.tvzh”?

The Backdoor.Win32.Androm.tvzh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor.Win32.Androm.tvzh virus can do?

Executable code extraction
Creates RWX memory
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Backdoor.Win32.Androm.tvzh?


File Info:
crc32: BEC3A031
md5: 50b1d1dfece17fe955bf9da7942c5a73
name: vbc.exe
sha1: 850b3f601b12b29834662eaeccbf3a0b64a1865d
sha256: f5c9d7e1a4975f9854ffcd690b4ca54dfd4007f48e290300c137c996cdf0f2c7
sha512: ddf81af3cd83e0f9f496c56943ee34c9e40aceefc962233f6c5abe83376b24db8d0329a685f680d6c433594717e67dfa1c7a4fd611438ea053bba5a4988a2edb
ssdeep: 768:5tIU7caIyqWimCZ2iow8edh6hqIILo3XE8DvR0Yi/GsIqY:5aU7cVVWjijmhzILoH5R0z/SZ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyright: Nation
InternalName: Albed9
FileVersion: 1.00
CompanyName: pourp
LegalTrademarks: egotr
Comments: usvige
ProductName: Leuco1
ProductVersion: 1.00
FileDescription: topplegr
OriginalFilename: Albed9.exe

Backdoor.Win32.Androm.tvzh also known as:

MicroWorld-eScan	Trojan.GenericKD.42830523
McAfee	Fareit-FRP!50B1D1DFECE1
Cylance	Unsafe
AegisLab	Trojan.Multi.Generic.4!c
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Trojan.GenericKD.42830523
K7GW	Riskware ( 0040eff71 )
TrendMicro	TROJ_FRS.VSNTC920
BitDefenderTheta	Gen:NN.ZevbaCO.34098.em0@aer7gAdi
F-Prot	W32/Injector.ZY.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_FRS.VSNTC920
Avast	Win32:Trojan-gen
GData	Win32.Trojan-Downloader.Dagurleo.R59YBY
Kaspersky	Backdoor.Win32.Androm.tvzh
Rising	Backdoor.Androm!8.113 (CLOUD)
Ad-Aware	Trojan.GenericKD.42830523
Sophos	Mal/Generic-S
DrWeb	Trojan.Siggen9.18631
McAfee-GW-Edition	Fareit-FRP!50B1D1DFECE1
Trapmine	suspicious.low.ml.score
Emsisoft	Trojan.GenericKD.42830523 (B)
APEX	Malicious
Cyren	W32/Injector.ZY.gen!Eldorado
eGambit	Unsafe.AI_Score_99%
Endgame	malicious (high confidence)
Arcabit	Trojan.Generic.D28D8ABB
ZoneAlarm	Backdoor.Win32.Androm.tvzh
Microsoft	Trojan:Win32/VBInject.BS!MTB
AhnLab-V3	Trojan/Win32.VBKrypt.C4007141
MAX	malware (ai score=84)
Malwarebytes	Trojan.MalPack.VB
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Injector.EKYI
Tencent	Win32.Backdoor.Androm.Suxl
Ikarus	Trojan.VB.Crypt
Fortinet	W32/GenKryptik.EFWG!tr
Webroot	W32.Trojan.Gen
AVG	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_60% (W)
Qihoo-360	Win32/Backdoor.d1f

How to remove Backdoor.Win32.Androm.tvzh?

Backdoor.Win32.Androm.tvzh removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X