Downloader.Win32.Agent.mjba removal tips

The Downloader.Win32.Agent.mjba is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Downloader.Win32.Agent.mjba virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Presents an Authenticode digital signature
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)

Related domains:

z.whorecord.xyz

a.tomx.xyz

w.nanweng.cn

How to determine Downloader.Win32.Agent.mjba?


File Info:
crc32: 347B52A1
md5: a95b04dba6369cc946adcdc5523584e6
name: lj1020-1022hbwin98me2kxp2003-sc82_136210.exe
sha1: cd1c20315fe6c20210922b708f92f1a881f9397e
sha256: 87bdcc54346055487e557df27f8c7d2bff1e8dcd39c47ec015ce3e9bb162b10f
sha512: 52b6ef4eab07565024eb1ace6a65bafa7a8f90f91944825a5a4d821d4b02682e8574e9763fa691b4698d9f491341a81230999dd21f7141d6cff1866a99738d40
ssdeep: 24576:awmwDGOjGg/vjBYqeJ2FSEkJ3mLwwrwKiWyksgd:afFOd5SVzHKfsgd
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2020
InternalName: x667ax80fdx4e0bx8f7dx5668.exe
FileVersion: 5.0.0.0528
ProductName: x667ax80fdx4e0bx8f7dx5668.exe
FileDescription: _
OriginalFilename: x667ax80fdx4e0bx8f7dx5668.exe
Translation: 0x0804 0x04b0

Downloader.Win32.Agent.mjba also known as:

MicroWorld-eScan	Trojan.GenericKD.34021776
FireEye	Trojan.GenericKD.34021776
McAfee	GenericRXAA-AA!A95B04DBA636
Malwarebytes	Adware.ChinAd
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Adware ( 005105151 )
BitDefender	Trojan.GenericKD.34021776
K7GW	Adware ( 005105151 )
TrendMicro	PUA.Win32.Qjwmonkey.HU
Symantec	PUA.Gen.2
APEX	Malicious
Avast	Win32:AdwareX-gen [Adw]
GData	Trojan.GenericKD.34021776
Kaspersky	not-a-virus:Downloader.Win32.Agent.mjba
Alibaba	Downloader:Win32/Qjwmonkey.be543ae2
NANO-Antivirus	Riskware.Win32.Qjwmonkey.hlaspu
AegisLab	Riskware.Win32.Agent.1!c
Rising	Adware.Downloader!1.BDCA (CLOUD)
Endgame	malicious (high confidence)
Emsisoft	Application.Downloader (A)
Comodo	ApplicUnwnt@#d6j0vf2nvh87
F-Secure	Adware.ADWARE/Qjwmonkey.zwtql
DrWeb	Adware.Qjwmonkey.168
Zillya	Adware.Qjwmonkey.Win32.656
Sophos	Generic PUA MN (PUA)
Cyren	W32/Trojan.VPNA-8610
Jiangmin	Downloader.Agent.nhe
Webroot	W32.Downloader.Gen
Avira	ADWARE/Qjwmonkey.zwtql
MAX	malware (ai score=99)
Antiy-AVL	GrayWare/Win32.Qjwmonkey
Arcabit	Trojan.Generic.D2072190
ZoneAlarm	not-a-virus:Downloader.Win32.Agent.mjba
Microsoft	PUA:Win32/Qjwmonkey
Cynet	Malicious (score: 85)
AhnLab-V3	Adware/Win32.Qjwmonkey.R340429
VBA32	BScope.TrojanDropper.Dapato
ALYac	Trojan.GenericKD.34021776
Ad-Aware	Trojan.GenericKD.34021776
Cylance	Unsafe
Panda	Trj/CI.A
ESET-NOD32	a variant of Win32/Adware.Qjwmonkey.H
TrendMicro-HouseCall	PUA.Win32.Qjwmonkey.HU
Tencent	Malware.Win32.Gencirc.10cdd758
Yandex	PUA.Qjwmonkey!
eGambit	Trojan.Generic
Fortinet	Riskware/Agent
AVG	Win32:AdwareX-gen [Adw]

How to remove Downloader.Win32.Agent.mjba?

Downloader.Win32.Agent.mjba removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Downloader.Win32.Agent.mjba removal tips