PUP.Astromenda
Posted: July 29, 2014
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 1,368 |
---|---|
Threat Level: | 1/10 |
Infected PCs: | 344,504 |
First Seen: | July 29, 2014 |
---|---|
Last Seen: | October 17, 2023 |
OS(es) Affected: | Windows |
Aliases
Generic36.AFHE [AVG]GrayWare[AdWare:not-a-virus]/Win32.Agent [Antiy-AVL]Troj/Agent-AJJO [Sophos]BehavesLike.Win32.Dropper.fh [McAfee-GW-Edition]ADW_STARTPAGE [TrendMicro]ApplicUnwnt [Comodo]not-a-virus:AdWare.Win32.Agent.gpgg [Kaspersky]Adware.DealPly [Symantec]Artemis!6C83D6FDCE5C [McAfee]AdWare.Agent.r6 (Not a Virus) [CAT-QuickHeal]Generic_s.DM [AVG]Adware.Downware.8492 [DrWeb]Win32:Dropper-gen [Drp] [Avast]Trojan Horse [Symantec]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.25 KB (537251 bytes)
MD5: 1c03f480fbe4181a98346c9774dcb2f7
Detection count: 192
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.71 KB (537717 bytes)
MD5: 6e1f5d6ec652d993672aeda0ed35490c
Detection count: 129
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.91 KB (537916 bytes)
MD5: 7872c835da46c29736d0e8b7d2f73ff5
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\bkup.dat
File name: bkup.datSize: 16.9 KB (16901 bytes)
MD5: d99b3faa579c71391318c52462c3f21f
Detection count: 61
File type: Data file
Mime Type: unknown/dat
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: July 7, 2017
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 502.4 KB (502402 bytes)
MD5: 228ef1c2d1c8d0f1b80da0ae9f9eb750
Detection count: 49
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 538.03 KB (538030 bytes)
MD5: 31536a79e297140ba591c6a634913d01
Detection count: 44
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 538.46 KB (538468 bytes)
MD5: 91af9bdce640e7e0eb08fab569fa4e1e
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.1 KB (537105 bytes)
MD5: 4a0a6d2cffa1bfcf80a805742e3cdc31
Detection count: 37
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.44 KB (537449 bytes)
MD5: 2af6fd501749d4abde7f1b8920cb3aba
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.76 KB (537768 bytes)
MD5: 756ee93646c9567480ac05a3261667b2
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 492.48 KB (492488 bytes)
MD5: 8807418aa5e4b7bac119017fa7bd8aaa
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.66 KB (537661 bytes)
MD5: 385928ae698e982e060955515576b6df
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.59 KB (537598 bytes)
MD5: 7f8e292ecece1f91690b5aee2391172b
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 527.46 KB (527461 bytes)
MD5: e90414b1b88e28ed45b69bfad696ef80
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 527.17 KB (527179 bytes)
MD5: 8a8fdc88d3b2644681b2ad1d886f4000
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 501.97 KB (501973 bytes)
MD5: 045dc81ccdc5da56a2c1f6986deffced
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 502.47 KB (502473 bytes)
MD5: 4f75285599ffe76130d96738a7fb85a4
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 538.76 KB (538769 bytes)
MD5: 7276dccac0f383fb945680da4d9eb2f0
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.1 KB (537100 bytes)
MD5: 7f6a78ea233028607d2dbd1aa4c74b66
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.08 KB (537088 bytes)
MD5: 9eca9703952e73cdd8c79d76e3dd485a
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
%APPDATA%\WSE_Astromenda\UpdateProc\UpdateTask.exe
File name: UpdateTask.exeSize: 537.93 KB (537932 bytes)
MD5: 970cda0c11e2ca60a0827979a104125d
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\WSE_Astromenda\UpdateProc
Group: Malware file
Last Updated: March 22, 2016
More files
Registry Modifications
The following newly produced Registry Values are:
File name without pathAstromenda.lnkRegexp file mask%LOCALAPPDATA%\Astromenda\Application\astromenda.exe%WinDir%\System32\Tasks\Astromenda%WINDIR%\System32\Tasks\WSE_Astromenda%windir%\Tasks\Astromenda.job%WINDIR%\Tasks\WSE_Astromenda.jobHKEY..\..\..\..{RegistryKeys}Software\astromendaSoftware\Astromenda BrowserSOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}SOFTWARE\Classes\Wow6432Node\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\WSE_Astromenda.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\WSE_Astromenda.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AstromendaSOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\astromenda.exeSoftware\Microsoft\Windows\CurrentVersion\RunOnce\AstromendaSoftware\Microsoft\Windows\CurrentVersion\RunOnce\WSE_AstromendaSOFTWARE\Wow6432Node\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}SOFTWARE\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\astromenda.exeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\astromenda.exeSoftware\WSE_AstromendaHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AstromendaWSE_Astromenda
File name without pathAstromenda.lnkRegexp file mask%LOCALAPPDATA%\Astromenda\Application\astromenda.exe%WinDir%\System32\Tasks\Astromenda%WINDIR%\System32\Tasks\WSE_Astromenda%windir%\Tasks\Astromenda.job%WINDIR%\Tasks\WSE_Astromenda.jobHKEY..\..\..\..{RegistryKeys}Software\astromendaSoftware\Astromenda BrowserSOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}SOFTWARE\Classes\Wow6432Node\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\WSE_Astromenda.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\WSE_Astromenda.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AstromendaSOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\astromenda.exeSoftware\Microsoft\Windows\CurrentVersion\RunOnce\AstromendaSoftware\Microsoft\Windows\CurrentVersion\RunOnce\WSE_AstromendaSOFTWARE\Wow6432Node\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}SOFTWARE\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\astromenda.exeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\astromenda.exeSoftware\WSE_AstromendaHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AstromendaWSE_Astromenda
Additional Information
The following directories were created:
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Astromenda%APPDATA%\WSE_Astromenda%AppData%\Astromenda%LOCALAPPDATA%\Astromenda%LOCALAPPDATA%\AstromendaKMS%PROGRAMFILES%\Astromenda%PROGRAMFILES%\WSE_ASTROMENDA%PROGRAMFILES(x86)%\Astromenda%PROGRAMFILES(x86)%\WSE_ASTROMENDA%UserProfile%\Local Settings\Application Data\Astromenda
The following URL's were detected:
Astromenda Search Addonastromenda.comhttp://astromenda.com/?a=&q=
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.