Trojan.Win32.Agent.newhqa malicious file

The Trojan.Win32.Agent.newhqa is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Agent.newhqa virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Turkish
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Collects information about installed applications
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan.Win32.Agent.newhqa?


File Info:

crc32: ABC80534
md5: 4a40e3ad357c8b5c7b3c9eeeaf125c89
name: dwaynetcafeupdate22-04-2011.exe
sha1: 8f3c65cb22032a77031b638a380a1f734bf82d7c
sha256: e66c547a66da090d1b6543bcd53ee1949bff295b3b99d97301405caedb967e47
sha512: 34eed2ad963420d37396a13b4eb43a3c6704b0abc72439a8f8be458a392d8208be8ba10aecc108304a524bdfd7332097f16cf81aa5587420c4d799c38f95e7cc
ssdeep: 98304:MUBf4LJqAs0X97pYUCvbp12E8kgvuoASczpWWyis2mEQU9Ix:MUh4cEVpid12E8TujSczpfCEQoIx
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 1990-2002 InstallShield Software Corporation
InternalName: ISPNickel
FileVersion: 7, 01, 100, 1248
CompanyName: InstallShield Software Corporation
ProductName: InstallShield (R)
OLESelfRegister:
ProductVersion: 7, 01
FileDescription: InstallShield (R) Setup Launcher
OriginalFilename: Setup.exe
Translation: 0x0409 0x04b0

Trojan.Win32.Agent.newhqa also known as:

McAfee: Artemis!4A40E3AD357C
VIPRE: Trojan.Win32.Generic!BT
Kaspersky: Trojan.Win32.Agent.newhqa
Alibaba: Trojan:Win32/Agent.8c2bfbc4
Sophos: Generic PUA IP (PUA)
McAfee-GW-Edition: Artemis
ZoneAlarm: Trojan.Win32.Agent.newhqa
Microsoft: PUA:Win32/Presenoker
VBA32: Trojan.Agent
Cylance: Unsafe
MaxSecure: Trojan.Malware.74343595.susgen
Qihoo-360: Win32/Trojan.9de

How to remove Trojan.Win32.Agent.newhqa?

Trojan.Win32.Agent.newhqa removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
