Win32/Wajam.A

Win32/Wajam.A is also known as Wajam (fs).

Malware Analysis of Win32/Wajam.A

Created files:


Detected by UnHackMe:

WAJAMUPDATER.EXE
Default location: %PROGRAM FILES%\WAJAM\UPDATER\WAJAMUPDATER.EXE

Written by Malware Hunter.
