Should I remove “Trojan:JS/Redirector”?

Trojan:JS/Redirector is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:JS/Redirector virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan:JS/Redirector?

File Info:

crc32: 81292E90
md5: 93a5bb9b2f8e8eba31cd81b56232c5ab
name: 93A5BB9B2F8E8EBA31CD81B56232C5AB.mlw
sha1: b4e924e84ce1b344471001d93f36c4fc2459d1e6
sha256: 23839813e34ae4b409a0d5fb3d8f75ca836fc235f73e8107eb657e727c64d9bd
sha512: 74266a8e81ee992faef8d1263b49adb195cd7ba6bb2db6eb18d3f3a69add3323bb5b7c36f295f1e7bd7fa1083cdb9ffe8660648103b8afc51d652353c2993616
ssdeep: 12288:uaHc64b888888888888W88888888888PHvxq3uZ+iRqLEQ2DjxiZl8zAeONQ9uZq:F86iHvxqeZkI91BoQ9uZUR+zZdQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion: 22.11.56
CompanyName: mhFID2d0KzPoTY5pBVF4
Comments: This installation was built with Inno Setup.
ProductName: mhFID2d0KzPoTY5pBVF4
ProductVersion: 22.11.56
FileDescription: mhFID2d0KzPoTY5pBVF4
Translation: 0x0000 0x04b0

Trojan:JS/Redirector also known as:

Lionic: Adware.Script.Generic.2!c
DrWeb: Trojan.BPlug.3614
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.Bulz.855934
Cylance: Unsafe
Alibaba: AdWare:Win32/ExtInstaller.1b6e3b25
Cybereason: malicious.b2f8e8
Symantec: Trojan.Gen.2
ESET-NOD32: multiple detections
APEX: Malicious
Avast: Win32:Adware-gen [Adw]
Kaspersky: not-a-virus:HEUR:AdWare.Win32.ExtInstaller.gen
BitDefender: Gen:Variant.Bulz.213045
NANO-Antivirus: Trojan.Win32.ExtenBro.fjwzkt
MicroWorld-eScan: Gen:Variant.Bulz.213045
Comodo: Malware@#d0j6774dipcd
BitDefenderTheta: Gen:NN.ZedlaF.34294.ku8@aa6USJiO
FireEye: Gen:Variant.Bulz.213045
Emsisoft: Gen:Variant.Bulz.213045 (B)
Avira: HEUR/AGEN.1109568
Antiy-AVL: Trojan/Generic.ASMalwS.29B0C90
Microsoft: Trojan:JS/Redirector
GData: Gen:Variant.Bulz.855934
McAfee: Extenbro
MAX: malware (ai score=87)
VBA32: Trojan.BPlug
Malwarebytes: Adware.ExtenBro
Panda: Trj/CI.A
Yandex: PUA.ExtInstaller!EYEQ+CEvaUg
Ikarus: Trojan.Win32.Skeeyah
Fortinet: Riskware/ExtenBro
AVG: Win32:Adware-gen [Adw]
Paloalto: generic.ml

How to remove Trojan:JS/Redirector?

Trojan:JS/Redirector removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.