The file BJA90.EXE is a computer worm.
The worm BJA90.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the BJA90.EXE problem as soon as possible!
Delete the file BJA90.EXE from all infected computers in your network.
Set up your network firewall against BJA90.EXE intervention.
Malware Analysis of BJA90.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe
Detected by UnHackMe:
BJA90.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe
Removal Results: Success
Number of reboot: 1
BJA90.EXE is known as:
Worm.Net-Kolab, TrojWare.Injector.BGJ, BackDoor.Gurl.2, Trojan.Agent.aaxv (v), TR.Lethic.B.104, Backdoor.Azbreg.bqi, Worm[Net].Kolab, Trojan.Lethic.B, Trojan.Agent.Gen-Undef, Trojan.HmBlocker, W32.Trojan.WLUI-7811, BScope.Backdoor.IRCBot.2122, Trj.Zbot.M, Win32.Lethic.AA, Trojan.Ircbrute, W32.Injector.AEJX.tr
BJA90.EXE hash:
- MD5: 8b62ec05a03773dacb4c329dbe694ce1
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\bja90: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\bja90.exe
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1189897646\Desktop.ini