Trojan.Agent/Gen-Stranfom

Dmitry Sokolov recommends UnHackMe!

UnHackMe is a powerful tool against malware.

UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!

Malware Analysis of Trojan.Agent/Gen-Stranfom

Created files:

%Local Appdata%\Xpom\Application\28.0.1500.73\Locales\ml.dll
%Local Appdata%\Xpom\Application\28.0.1500.73\Locales\ml.pak
%Local Appdata%\Xpom\Application\28.0.1500.73\Locales\mr.dll
%Local Appdata%\Xpom\Application\28.0.1500.73\Locales\mr.pak
%Local Appdata%\Xpom\Application\28.0.1500.73\Locales\ms.dll

Autostart registry keys:

HKLM\Software\Classes\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF}\InprocServer32\: "%Program Files%\Mail.Ru\Sputnik\MailRuSputnik.dll"
HKLM\Software\Classes\CLSID\{21A07E17-5809-484C-80D8-938064663D47}\InprocServer32\: "%Program Files%\Cashsyst\Basement\Extension32.dll"
HKLM\Software\Classes\CLSID\{8984B388-A5BB-4DF7-B274-77B879E179DB}\InprocServer32\: "%Program Files%\Mail.Ru\Sputnik\MailRuSputnik.dll"
HKLM\Software\Classes\CLSID\{DB487D2D-4D61-4423-B125-364BD6D2932F}\LocalServer32\: "%Program Files%\Cashsyst\Basement\BackgroundEngine.exe"
HKLM\Software\Classes\ChromiumHTM.NARYC4MAR452DWMECJZECYNNAA\shell\open\command\: ""%Local Appdata%\Xpom\Application\chrome.exe" -- "%1""
HKLM\Software\Clients\StartMenuInternet\

Written by Malware Hunter.

UnHackMe removes malware invisible to your antivirus!

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses a minimum of computer resources.
