Trojan.Win32.Chifrax.a
Trojan.Win32.Chifrax.a is a malicious Trojan or bot that may represent a security risk for the infected PC system and/or its network environment. Trojan.Win32.Chifrax.a may propagate through tricky ads, spam email attachments or malicious adult related free images or movie downloads. Trojan.Win32.Chifrax.a can download and install additional malware threats onto the affected PC system and forward your personal information to external servers. Trojan.Win32.Chifrax.a can damage your system files and hardware. Remove Trojan.Win32.Chifrax.a immediately after detection.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:cas.bat
File name: cas.batFile type: Batch file
Mime Type: unknown/bat
justing.ocx
File name: justing.ocxMime Type: unknown/ocx
lpad132.dll
File name: lpad132.dllFile type: Dynamic link library
Mime Type: unknown/dll
lpad32.dll
File name: lpad32.dllFile type: Dynamic link library
Mime Type: unknown/dll
lowapldl.dll
File name: lowapldl.dllFile type: Dynamic link library
Mime Type: unknown/dll
web.lnk
File name: web.lnkFile type: Shortcut
Mime Type: unknown/lnk
exp1orer.lnk
File name: exp1orer.lnkFile type: Shortcut
Mime Type: unknown/lnk
magiciso.lnk
File name: magiciso.lnkFile type: Shortcut
Mime Type: unknown/lnk
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MagicISO.Document\shell\open\commandHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MagicISO.Document\shell\openHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MagicISO.Document\shellHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MagicISO.Document\DefaultIconHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MagicISO.DocumentHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}\ProgrammableHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}\InprocServer32HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\MagicISOHKEY_LOCAL_MACHINE\SOFTWARE\Classes\.uifHKEY_LOCAL_MACHINE\SOFTWARE\Classes\.isoHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\MagicISOHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\MagicISOHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A}\TypeLibHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Magic ISO Maker v5.3 (build 0221)HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Misosh.MShellExtMenu.1\CLSIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Misosh.MShellExtMenu.1HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Misosh.MShellExtMenu\CurVerHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Misosh.MShellExtMenu\CLSIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Misosh.MShellExtMenuHKEY_CURRENT_USER\Software\WinRAR SFXHKEY_CURRENT_USER\Software\MagicISO
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.