W32/Agent.CDVS!tr


W32/Agent.CDVS!tr is also known as Trojan.Win32.Agent.ccceou, MSIL/TrojanDownloader.Adload.AA, and TScope.Trojan.MSIL.

Malware Analysis of W32/Agent.CDVS!tr

Created files:


Detected by UnHackMe:

UPD.EXE
Default location: %PROGRAM FILES%\YAFINDER\UPD.EXE

Written by Malware Hunter.
