Backdoor.Win32.Agent.myubzu removal tips

Backdoor.Win32.Agent.myubzu is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Backdoor.Win32.Agent.myubzu virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • Uses Windows utilities for basic functionality
  • Anomalous binary characteristics

Related domains:

SYrdeElyJuT.SYrdeElyJuT

How to identify Backdoor.Win32.Agent.myubzu?

File Info:

crc32: B10D7E97
md5: dc31178c8e734d726d361bf5179f05b2
name: DC31178C8E734D726D361BF5179F05B2.mlw
sha1: d28f5dd56498248e706a3aad546e0e200f19b3fa
sha256: 473574ab9286caa551c88e2a3ac32e8b7975baac765bf084fd8c6ccb89737666
sha512: 90b1e5a663b6bc8e2b52779259a6d04da5925ca57e02b4bd46165886f16a825336d927b30668df532bcb3d409b7f5247b2245aacac1e1ac691a4bb8a344eb8fb
ssdeep: 49152:36MH4mxVdO72o+eOnc1HawgEn+IM4R6kVj6BTTodTm:36CPekcWIhTVj6BP
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2005-2011 Oleg N. Scherbakov
InternalName: 7ZSfxMod
FileVersion: 1.5.0.2100
CompanyName: Oleg N. Scherbakov
PrivateBuild: April 28, 2011
ProductName: 7-Zip SFX
ProductVersion: 1.5.0.2100
FileDescription: 7z Setup SFX (x86)
OriginalFilename: 7ZSfxMod_x86.exe
Translation: 0x0000 0x04b0

Backdoor.Win32.Agent.myubzu also known as:

K7AntiVirus: Trojan ( 0057e0a41 )
DrWeb: Trojan.PWS.Stealer.30152
Sangfor: Backdoor.Win32.Agent.myubzu
Alibaba: Backdoor:Win32/Generic.f7f5f094
K7GW: Trojan ( 0057e0a41 )
ESET-NOD32: a variant of Win32/Packed.7zip.BA suspicious
Avast: Win32:MdeClass
Kaspersky: Backdoor.Win32.Agent.myubzu
BitDefender: Trojan.GenericKD.46485817
MicroWorld-eScan: Trojan.GenericKD.46485817
Ad-Aware: Trojan.GenericKD.46485817
Comodo: TrojWare.Win32.UMal.bysqw@0
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.46485817
Emsisoft: Trojan.GenericKD.46485817 (B)
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Wacatac.A!ml
Arcabit: Trojan.Generic.D2C55139
AegisLab: Trojan.Multi.Generic.4!c
GData: Trojan.GenericKD.46485817
McAfee: Artemis!DC31178C8E73
MAX: malware (ai score=83)
Malwarebytes: Trojan.Dropper.Generic
Panda: Trj/CI.A
Fortinet: Riskware/Agent
AVG: Win32:MdeClass
Paloalto: generic.ml

How to remove Backdoor.Win32.Agent.myubzu?

Backdoor.Win32.Agent.myubzu removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
