Home / Spyware Encyclopedia / Proxy.Agent << Back

Recommendation to Automatically remove Proxy.Agent


Our products can remove Proxy.Agent and thousands of other Virus and Spyware automatically and instantly.

Proxy.Agent Details


  • Category Proxy
  • Discovered 6/11/2024 1:04:34 PM
  • Modified 6/12/2024 10:38:35 AM
  • Threat Level Critical
  • Category Description
    Proxy Trojan turns the victim's computer into a proxy server. This gives the attacker the opportunity to do everything from your computer, including the possibility of conducting credit card fraud and other illegal activities, or even to use system to launch malicious attacks against other networks.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
GunShadow.sys 3840AiRPAGE.ORG1.0.0.1fdc82c8c54548df77476d7cccf62884a 
415AB6BA.EXE 3281150 7.0.1.0b42a11e03f5a6dbfb03b80da1481f2c8 
F37F1C7B.DLL 73728 5.3.0.379b0fe7bcb966767dd64ef3cd0cfe166 
09D0150B.DLL 73728 5.3.0.3335528c53318d36fe270a9eadcb4ffe7 
14E40B0A.DLL 65536 1.0.1.1c7080dccf9fb61af5584b482c38116bf 
9a9f3395.dll 32768 1.0.0.01f474ef589843300c048b3f24e791550 
237EE237.DLL 73728 0.0.0.01e0036f7e188907e07b94956905592bd 
GunShadow.dll 28672  ffcf24294fc70d2b60b6bd31623f3b74 
d24bd051.exe 353280  fa59d9a8229497c750d2fd19eebad32c 
70ea33e2.dll 26112  f363c4d4e37162dc00b43642b7c17238 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"advanced dhtml enable"\"%das.au.ls%\temp\a2522624.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"findfullsoft"\"%win%\findfullsoft.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"winlogon"\"%DAS%\admin\Local Settings\Temp\697335bb.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"WINLOGON"\"%WIN%\CSRSS.EXE"
..\System\CurrentControlSet\Enum\root\legacy_websrvx\(Default)
..\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\"53:TCP"\"53:TCP:*:Enabled:websrvx"
..\Software\Microsoft\Windows\\"sft"\"x"
..\Software\Microsoft\Windows\\"SUID"\"37DA733C2B614DB1B5FEED0CE750308C"
..\Software\Microsoft\Windows\\"IVS"\"13"
..\Software\winsock2\rrr\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.