Win32/TrojanDownloader.Agent.CZA removal instructions

Win32/TrojanDownloader.Agent.CZA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Win32/TrojanDownloader.Agent.CZA virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Mimics the system’s user agent string for its own requests
  • A process attempted to delay the analysis task.
  • Executed a process and injected code into it, probably while unpacking
  • A system process is generating network traffic likely as a result of process injection

How to identify Win32/TrojanDownloader.Agent.CZA?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/TrojanDownloader.Agent.CZA also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005137001 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Siggen1.61433
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Exxroute.A3
ALYac: Trojan.Ransom.Spora.Gen.1
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.1646978
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 005137001 )
Cybereason: malicious.c3a4e0
Baidu: Win32.Trojan.Kryptik.bjq
Cyren: W32/Ransom.CO.gen!Eldorado
ESET-NOD32: Win32/TrojanDownloader.Agent.CZA
APEX: Malicious
Avast: Win32:Rootkit-gen [Rtk]
ClamAV: Win.Ransomware.Cerber-5970200-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.Spora.Gen.1
NANO-Antivirus: Trojan.Win32.Ransom.evdmgx
MicroWorld-eScan: Trojan.Ransom.Spora.Gen.1
Tencent: Malware.Win32.Gencirc.10b58922
Ad-Aware: Trojan.Ransom.Spora.Gen.1
Sophos: ML/PE-A + Mal/Elenoocka-E
Comodo: TrojWare.Win32.Crypt.C@7vajd0
BitDefenderTheta: Gen:NN.ZexaF.34628.qmW@aWpMVRoi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CERBER.SM37
McAfee-GW-Edition: BehavesLike.Win32.Autorun.dm
FireEye: Generic.mg.eca3039c3a4e0327
Emsisoft: Trojan.Ransom.Spora.Gen.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.arzqj
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.ZPACK.Gen7
eGambit: Unsafe.AI_Score_98%
Kingsoft: Win32.Troj.Injector.qb.(kcloud)
Microsoft: VirTool:Win32/Obfuscator.ARL
AegisLab: Trojan.Win32.Injector.b!c
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Ransom.Spora.Gen.1
AhnLab-V3: Trojan/Win32.Cerber.R200995
McAfee: Ransomware-FMJ!ECA3039C3A4E
MAX: malware (ai score=83)
VBA32: BScope.Backdoor.Gootkit
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_CERBER.SM37
Rising: Ransom.Cerber!8.3058 (RDMK:cmRtazqQZtsrhVyJ4Dp6FnSGEtUg)
Yandex: Trojan.GenAsa!1j0wOOA4MQs
Ikarus: Trojan-Ransom.Cerber
Fortinet: W32/GenKryptik.APXF!tr
AVG: Win32:Rootkit-gen [Rtk]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Spora.HxQBP00A

How to remove Win32/TrojanDownloader.Agent.CZA?

Win32/TrojanDownloader.Agent.CZA removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
