We received the file STOOL.DLL and detected that STOOL.DLL is not good.
STOOL.DLL is Adware. You should remove the file STOOL.DLL.
Kill the process STOOL.DLL and remove STOOL.DLL from Windows.
Malware Analysis of STOOL.DLL
Full path on a computer: %Program Files%\STool\STool.dll
Detected by UnHackMe:
STOOL.DLL
Default location: %Program Files%\STool\STool.dll
Removal Results: Success
Number of reboot: 1
STOOL.DLL is known as:
Adware.Kraddare.GN, MalSign.Nbiz, Win32.Trojan.Adware.37e
STOOL.DLL hash:
- MD5: 069d839c4fd6bdb2e26d903a5d7f2462
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect STOOL.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\CLSID\{88B3E7BD-0AD1-44FD-823F-9E880D871D5D}\InprocServer32\: “%Program Files%\STool\STool.dll”
- HKLM\Software\Classes\CLSID\{C5C4B8B0-6077-4E32-BC18-A45FB81BC6B4}\InprocServer32\: “%Program Files%\STool\STool.dll”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\STool: “%Program Files%\STool\STool.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\STool\DisplayName: “STool”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\STool\UninstallString: “%Program Files%\STool\Uninstall.exe”
- HKLM\System\CurrentControlSet\Services\WinLogon\ImagePath: “%Temp%\svchost.exe”
- HKLM\System\CurrentControlSet\Services\WinLogon\DisplayName: “WinLogon”
Folders:- %Program Files%\STool
Files:- %Temp%\svchost.exe
- %Temp%\updat.xxx
- %Program Files%\STool\setting.dat
- %Program Files%\STool\STool.dll
- %Program Files%\STool\STool.exe
- %Program Files%\STool\Uninstall.exe