
How to remove “AdWare.Win32.Agent.xxzutj”?


AdWare.Win32.Agent.xxzutj is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the AdWare.Win32.Agent.xxzutj virus do?

  • A file was accessed within the Public folder.
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Binary file triggered YARA rule
  • Yara detections observed in process dumps, payloads or dropped files

How to identify AdWare.Win32.Agent.xxzutj?


File Info:

name: FBD0AC5BA19FCEA9CA52.mlw
path: /opt/CAPEv2/storage/binaries/9b0e9b7da151d497d7dcad81d2953712f5f0c810e89c857300e649d663c2773d
crc32: 2253B099
md5: fbd0ac5ba19fcea9ca523e35db2d80ab
sha1: 45c6516307756570bd5cd1559fb56cf03093874f
sha256: 9b0e9b7da151d497d7dcad81d2953712f5f0c810e89c857300e649d663c2773d
sha512: e0d17c1b1e4d070b5e998e7ba1bdb076464fdf0ff4f1064525d333e77cd62ed3a065cba1d46c618380bfa28b06a5fa615d146ef48b85aa0c6dfa380760cf99e9
ssdeep: 24576:LqDEvCTbMWu7rQYlBQcBiT6rprG8ajRY:LTvC/MTQYxsWR7aV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T171258E02B3919022FF9B95720F56F7118ABD6E260127E62F13983C7DBE711B1163E663
sha3_384: 99ae9400cdd3164a1208ef20a4e126145a49ed18a98d896ff14538e41b2020bd07463c9494fe7d0bfb54c657ae06a758
ep_bytes: e86e050000e97afeffff558bec56ff75
timestamp: 2024-03-18 04:59:33

Version Info:

Translation: 0x0809 0x04b0

AdWare.Win32.Agent.xxzutj also known as:

Bkav: W32.Common.A3B78A09
Lionic: Trojan.Win64.Injects.ts93
FireEye: Generic.mg.fbd0ac5ba19fcea9
Skyhigh: BehavesLike.Win32.Genericuh.dh
Cylance: unsafe
Sangfor: Virus.Win32.Save.a
Elastic: malicious (high confidence)
APEX: Malicious
Kaspersky: not-a-virus:AdWare.Win32.Agent.xxzutj
Sophos: Generic Reputation PUA (PUA)
Google: Detected
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Script.awbz
Varist: W32/AutoIt.XQ.gen!Eldorado
Microsoft: Trojan:Win32/AgentTesla!ml
ZoneAlarm: not-a-virus:AdWare.Win32.Agent.xxzutj
Malwarebytes: Trojan.Dropper
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaE.36802.9uW@a8E8muai
DeepInstinct: MALICIOUS

How to remove AdWare.Win32.Agent.xxzutj?

AdWare.Win32.Agent.xxzutj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
