QmdManager.exe

Qernel Mode Driver Manager

Avira GmbH

The file QmdManager.exe has been detected as malware by 39 anti-virus scanners.
Publisher:
Four-F  (signed by Avira GmbH)

Product:
Qernel Mode Driver Manager

Version:
1, 3, 0, 0

MD5:
67278fd166581202058eb00ec8cc32c0

SHA-1:
5f0bf079a7fc5ab97299f77a9b39535fb5a31acf

SHA-256:
a90f0e37c6f77e64d9ed9cca0a1d5c3f2fcf9fcda215c4b93c30a992b27a9d2b

Scanner detections:
39 / 68

Status:
Malware

Analysis date:
11/27/2024 3:37:13 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.5487639 | 324 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | Worm/Win32.Yahos | 2014.03.10 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.135.228 |
| avast! | Win32:Kryptik-AIT [Trj] | 2014.9-160316 |
| AVG | Cryptic | 2017.0.2802 |
| Baidu Antivirus | Worm.Win32.Yahos | 4.0.3.16316 |
| Bitdefender | Trojan.Generic.5487639 | 1.0.20.380 |
| Bkav FE | W32.YahosQKA.Fam | 1.3.0.4959 |
| Comodo Security | TrojWare.Win32.Trojan.Agent.Gen | 17907 |
| Dr.Web | Trojan.Hottrend | 9.0.1.076 |
| Emsisoft Anti-Malware | Trojan.Generic.5487639 | 8.16.03.16.03 |
| ESET NOD32 | Win32/Bamital.FA | 10.9519 |
| Fortinet FortiGate | W32/Bamital.FA!tr | 3/16/2016 |
| F-Prot | W32/FakeAlert.LE.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.5487639 | 11.2016-16-03_4 |
| G Data | Trojan.Generic.5487639 | 16.3.24 |
| IKARUS anti.virus | IM-Worm.Win32.Yahos | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11378 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.507 |
| Malwarebytes | Trojan.Agent | v2016.03.16.03 |
| McAfee | PWS-Zbot.gen.do | 5600.6458 |
| Microsoft Security Essentials | TrojanDropper:Win32/Bamital.I | 1.10302 |
| MicroWorld eScan | Trojan.Generic.5487639 | 17.0.0.228 |
| NANO AntiVirus | Trojan.Win32.Yahos.ieilo | 0.28.0.58101 |
| Norman | Suspicious_Gen2.IDFGO | 11.20160316 |
| nProtect | Trojan/W32.Agent.70792.C | 14.03.09.01 |
| Panda Antivirus | Bck/Qbot.AO | 16.03.16.03 |
| Qihoo 360 Security | Win32/Trojan.2aa | 1.0.0.1015 |
| Quick Heal | TrojanDropper.Bamital | 3.16.12.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.127D7FBD!310214589 | 23.00.65.16314 |
| Sophos | Mal/FakeAV-IU | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-XPak | 9262 |
| Total Defense | Win32/Bamital.CD | 37.0.10808 |
| Trend Micro House Call | TROJ_SPYEYE.SMEP | 7.2.76 |
| Trend Micro | TROJ_SPYEYE.SMEP | 10.465.16 |
| Vba32 AntiVirus | Trojan.SB.01742 | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Spyeye.tma | 27240 |
| ViRobot | Worm.Win32.IM-Yahos.70792 | 2011.4.7.4223 |

File size:
69.1 KB (70,792 bytes)

Product version:
1.3

Copyright:
Copyright © 2002-2005 Four-F

Original file name:
QmdManager.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\trz3e19.tmp

Digital Signature
Signed by:

Authority:
Avira GmbH

Valid from:
2/10/2011 7:10:08 PM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=Avira GmbH

Issuer:
CN=Avira GmbH

Serial number:
754AC104F62EF3BC457491390D133973

File PE Metadata
Compilation timestamp:
6/7/2008 11:51:37 PM

OS version:
5.3

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
1536:bFf3iCIdlz016T3ejdff+oRBUJGankUFCvrR+H08i1:b5iLP01i3gdff+oz+kLjAU/

Entry address:
0x21BC0

Entry point:
60, BE, 00, 20, 41, 00, 8D, BE, 00, F0, FE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
64 KB (65,536 bytes)
