VBA/TrojanDownloader.Agent.STF removal guide

Malware Removal

The VBA/TrojanDownloader.Agent.STF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Review

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What VBA/TrojanDownloader.Agent.STF virus can do?

  • Injection (inter-process)
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs
  • Harvests information related to installed mail clients

How to determine VBA/TrojanDownloader.Agent.STF?

File Info:

crc32: E5CF53E8
md5: cb190e3283591adc591326483253ef41
name: vbaProject.bin
sha1: 5b290acc1f7fff6890af65d3261f36403e97ae1e
sha256: 15530fb4232f163fe491756af772142ae00a9153d22b4368da2d53e482e57f25
sha512: ab3c45be312f5b302d59174924269b56d0201c5d9b36410cee185e23c4a6efcd08c346e70196ff53aaa134bd046f6676014da9aab1947438c0c916a8f620eb9a
ssdeep: 768:VIzT97Rotkv0PFtoekakiqqgKFnUWtNda+O2KGa1K:Va72txFtoekakxW6Wf1O2KGa1
type: Composite Document File V2 Document, No summary info

Version Info:

0: [No Data]

VBA/TrojanDownloader.Agent.STF also known as:

RisingMacro.Downloader.r (CLASSIC)
Endgamemalicious (high confidence)
SentinelOneDFI – Malicious OLE
ESET-NOD32a variant of VBA/TrojanDownloader.Agent.STF

How to remove VBA/TrojanDownloader.Agent.STF?

VBA/TrojanDownloader.Agent.STF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment