Win32/Agent.SFM is a Trojan that targets credentials used to log into websites designed by cybercriminals. Win32/Agent.SFM does not send a lot of information on recent activities on the compromised machine, but is picky in transferring the gathered data. While being run, Win32/Agent.SFM drops and executes infected files on the corrupted PC from a remote server and/or the web. Win32/Agent.SFM also modifies the Windows Registry by creating Registry entries. Win32/Agent.SFM collects confidential information and various data linked to the infected computer system.
How Can You Detect Win32/Agent.SFM?
Win32/Agent.SFM Removal Details
Win32/Agent.SFM has typically the following processes in memory:
- %RANDOM CHARACTERS1%.dll
Win32/Agent.SFM creates the following files in the system:
- %Commonappdata%\ur%RANDOM CHARACTERS2%
Win32/Agent.SFM creates the following registry entries:
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]