How to remove “Application.Agent.GRD”?

Application.Agent.GRD is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.Agent.GRD virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Queries information on disks, possibly for anti-virtualization
  • Detects the presence of Wine emulator via registry key
  • Accessed credential storage registry keys

How to identify Application.Agent.GRD?


File Info:

name: 6D1531FF52F74E8E948F.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-02-21 18:02:34

Version Info:

FileVersion: 2.39.0.124
LegalCopyright: Licensed under the GNU GPL, v3.
ProductVersion: 2.39.0.124
FileDescription: setup
Translation: 0x0c09 0x04b0

Application.Agent.GRD also known as:

Bkav: W32.AIDetect.malware2
Lionic: Adware.Win32.SmartInstaller.2!c
Elastic: malicious (high confidence)
DrWeb: Trojan.InstallCube.3936
MicroWorld-eScan: Application.Agent.GRD
FireEye: Generic.mg.6d1531ff52f74e8e
CAT-QuickHeal: Trojan.Occamy.S5469295
ALYac: Application.Agent.GRD
Cylance: Unsafe
Sangfor: [ARMADILLO V1.71]
K7AntiVirus: Trojan ( 005483f71 )
K7GW: Trojan ( 005483f71 )
Arcabit: Application.Agent.GRD
BitDefenderTheta: Gen:NN.ZexaF.34638.8s0@aGrNloki
Cyren: W32/Trojan.FJX.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.GPYN
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender: Application.Agent.GRD
NANO-Antivirus: Trojan.Win32.Ekstak.fnidsu
Avast: Win32:ICLoader-X [Adw]
Rising: Trojan.Kryptik!1.AA23 (CLOUD)
Ad-Aware: Application.Agent.GRD
Sophos: Mal/Generic-R + Troj/Kryptik-JD
Comodo: Application.Win32.ICLoader.GS@84429a
Zillya: Adware.SmartInstaller.Win32.2108
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
Emsisoft: Application.Agent.GRD (B)
Ikarus: PUA.ICLoader
Jiangmin: AdWare.SmartInstaller.awp
Avira: TR/Crypt.ZPACK.Gen
Microsoft: Trojan:Win32/Ekstak
GData: Application.Agent.GRD
SentinelOne: Static AI – Malicious PE
AhnLab-V3: PUP/Win32.ICLoader.R256359
McAfee: Packed-FME!6D1531FF52F7
VBA32: BScope.Trojan.Ekstak
Malwarebytes: Adware.ICLoader
APEX: Malicious
Tencent: Malware.Win32.Gencirc.10b343a6
MAX: malware (ai score=77)
MaxSecure: Trojan.Malware.12221321.susgen
Fortinet: W32/GenKryptik.DYKG!tr
AVG: Win32:ICLoader-X [Adw]
Panda: Trj/Genetic.gen

How to remove Application.Agent.GRD?

Application.Agent.GRD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
