RiskTool.Win32.Agent.ajdr (file analysis)

The RiskTool.Win32.Agent.ajdr is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskTool.Win32.Agent.ajdr virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid
Touches a file containing cookies, possibly for information gathering

How to determine RiskTool.Win32.Agent.ajdr?


File Info:
name: 3934150640CA47E4C5E4.mlw
path: /opt/CAPEv2/storage/binaries/2df649c8459c28081905cd2540964634573f88ae0b6c7e10b97169a14ba3e666
crc32: 7BFF55E3
md5: 3934150640ca47e4c5e47ee1fa5b4e7a
sha1: 763279f5c2172cf18aa762ddf1c0b573dffca2b4
sha256: 2df649c8459c28081905cd2540964634573f88ae0b6c7e10b97169a14ba3e666
sha512: ccf49b09787391ef1e81775e205242e5e297739069340311cfa1b424779ea06a6556cf47cecc09772617a972bc6ae0b4fb6f15be63fbcb66a28772e758e61bda
ssdeep: 12288:n0nyfXuIBDtfug7c//4l92ZNs3bkkWxNwvkFG:0ny/f9ug7c//o2ZNKIYyG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T179A4AE223ED0C436C4AB0931B57E5318A274BD36977A214EB7D93F2A5BB17D1AD1B302
sha3_384: cc11e115c4c67aaa63d787e469ce26eb8e714ed28ced09a4744f90da5705f501c01a650303f9459f6473ffa4f2acdaad
ep_bytes: e885630000e978feffff8bff558bec56
timestamp: 2015-02-15 08:00:31

Version Info:
0: [No Data]

RiskTool.Win32.Agent.ajdr also known as:

Bkav	W32.AIDetectMalware
Lionic	Riskware.Win32.Agent.1!c
K7AntiVirus	Unwanted-Program ( 004d38111 )
Alibaba	RiskWare:Win32/Generic.d77351fa
K7GW	Unwanted-Program ( 004d38111 )
CrowdStrike	win/grayware_confidence_100% (W)
APEX	Malicious
Kaspersky	not-a-virus:RiskTool.Win32.Agent.ajdr
Webroot	W32.Malware.Ml.Vt
ZoneAlarm	not-a-virus:RiskTool.Win32.Agent.ajdr
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002H07L823
MaxSecure	Trojan.Malware.9367239.susgen
Cybereason	malicious.5c2172
DeepInstinct	MALICIOUS

How to remove RiskTool.Win32.Agent.ajdr?

RiskTool.Win32.Agent.ajdr removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X