Trojan-Downloader.Win32.Agent.xxzrjj removal instructions

Trojan-Downloader.Win32.Agent.xxzrjj is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Agent.xxzrjj virus do?

  • Attempts to connect to a dead IP:Port (2 unique times)
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to create or modify system certificates
  • Generates some ICMP traffic

Related domains:

baidu.com
flashdownloadserver.oss-cn-hongkong.aliyuncs.com

How to identify Trojan-Downloader.Win32.Agent.xxzrjj?

File Info:

type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Trojan-Downloader.Win32.Agent.xxzrjj is also known as:

DrWeb: Trojan.Siggen14.35394
Cynet: Malicious (score: 99)
ALYac: Backdoor.Agent.Biopass
Sangfor: Trojan.Win32.Agent.xxzrjj
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of WinGo/TrojanDownloader.Agent.AB
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Downloader.Win32.Agent.xxzrjj
BitDefender: Trojan.GenericKD.37224922
ViRobot: Backdoor.Win32.S.Biopass.4277848
MicroWorld-eScan: Trojan.GenericKD.37224922
Ad-Aware: Trojan.GenericKD.37224922
Sophos: Mal/Generic-S
Comodo: Malware@#971d3piyzq8w
TrendMicro: Backdoor.Win32.BIOPASS.A
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.37224922
Emsisoft: Trojan.GenericKD.37224922 (B)
Webroot: W32.Trojan.Biopass
Avira: TR/Redcap.cevlc
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Casdet!rfn
GData: Trojan.GenericKD.37224922
McAfee: Artemis!AA869DB51C9A
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.1957324561
Panda: Trj/CI.A
TrendMicro-HouseCall: Backdoor.Win32.BIOPASS.A
Ikarus: Trojan.Win64.Ranumbot
AVG: Win32:Malware-gen

How to remove Trojan-Downloader.Win32.Agent.xxzrjj?

Trojan-Downloader.Win32.Agent.xxzrjj removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
