We received the file STOOL.DLL and detected that STOOL.DLL is not good.
STOOL.DLL is Adware. You should remove the file STOOL.DLL.
Kill the process STOOL.DLL and remove STOOL.DLL from Windows.
Malware Analysis of STOOL.DLL
Full path on a computer: %Program Files%\STool\STool.dll
Detected by UnHackMe:
STOOL.DLL
Default location: %Program Files%\STool\STool.dll
Removal Results: Success
Number of reboot: 1
STOOL.DLL is known as:
Adware.Kraddare.GN, MalSign.Nbiz, Win32.Trojan.Adware.37e
STOOL.DLL hash:
- MD5: 069d839c4fd6bdb2e26d903a5d7f2462
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect STOOL.DLL presence?
Image may be NSFW.
Clik here to view.
Registry:
Clik here to view.
Registry:- HKLM\Software\Classes\CLSID\{88B3E7BD-0AD1-44FD-823F-9E880D871D5D}\InprocServer32\: “%Program Files%\STool\STool.dll”
- HKLM\Software\Classes\CLSID\{C5C4B8B0-6077-4E32-BC18-A45FB81BC6B4}\InprocServer32\: “%Program Files%\STool\STool.dll”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\STool: “%Program Files%\STool\STool.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\STool\DisplayName: “STool”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\STool\UninstallString: “%Program Files%\STool\Uninstall.exe”
- HKLM\System\CurrentControlSet\Services\WinLogon\ImagePath: “%Temp%\svchost.exe”
- HKLM\System\CurrentControlSet\Services\WinLogon\DisplayName: “WinLogon”
Image may be NSFW.
Clik here to view.Folders:
Clik here to view.
Folders:- %Program Files%\STool
Image may be NSFW.
Clik here to view.Files:
Clik here to view.
Files:- %Temp%\svchost.exe
- %Temp%\updat.xxx
- %Program Files%\STool\setting.dat
- %Program Files%\STool\STool.dll
- %Program Files%\STool\STool.exe
- %Program Files%\STool\Uninstall.exe
