Max Secure Software: Encyclopedia

Home / Spyware Encyclopedia / Proxy.Agent << Back

Recommendation to Automatically remove Proxy.Agent

Our products can remove Proxy.Agent and thousands of other Virus and Spyware automatically and instantly.

Proxy.Agent Details

Category Proxy
Discovered 6/11/2024 1:04:34 PM
Modified 6/12/2024 10:38:35 AM
Threat Level Critical
Category Description
Proxy Trojan turns the victim's computer into a proxy server. This gives the attacker the opportunity to do everything from your computer, including the possibility of conducting credit card fraud and other illegal activities, or even to use system to launch malicious attacks against other networks.

The following Files were created:

VALUE	FILESIZE	COMPANYNAME	VERSION	SIGNATURE
GunShadow.sys	3840	AiRPAGE.ORG	1.0.0.1	fdc82c8c54548df77476d7cccf62884a
415AB6BA.EXE	3281150		7.0.1.0	b42a11e03f5a6dbfb03b80da1481f2c8
B9ADF3A7.DLL	23040		6.0.2900.2180	c36989be9102fc307074f5295952d58d
F37F1C7B.DLL	73728		5.3.0.3	79b0fe7bcb966767dd64ef3cd0cfe166
09D0150B.DLL	73728		5.3.0.3	335528c53318d36fe270a9eadcb4ffe7
343ee046.dll	73728		5.3	fce5f069e2606cdd11f0ab9617fd004a
9a9f3395.dll	32768		1.0.0.0	1f474ef589843300c048b3f24e791550
socks.exe	86321		1.0.0.0
237EE237.DLL	73728		0.0.0.0	1e0036f7e188907e07b94956905592bd
GunShadow.dll	28672			ffcf24294fc70d2b60b6bd31623f3b74

The following Registry Entries were created:

..\Software\Microsoft\Windows\CurrentVersion\Run\\"advanced dhtml enable"\"%das.au.ls%\temp\a2522624.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"findfullsoft"\"%win%\findfullsoft.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"winlogon"\"%DAS%\admin\Local Settings\Temp\697335bb.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"WINLOGON"\"%WIN%\CSRSS.EXE"

..\System\CurrentControlSet\Enum\root\legacy_websrvx\(Default)

..\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\"53:TCP"\"53:TCP:*:Enabled:websrvx"

..\Software\Microsoft\Windows\\"sft"\"x"

..\Software\Microsoft\Windows\\"SUID"\"37DA733C2B614DB1B5FEED0CE750308C"

..\Software\Microsoft\Windows\\"IVS"\"13"

..\Software\winsock2\rrr\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Recommendation to Automatically remove Proxy.Agent

Proxy.Agent Details

Useful Links