About “BAT/Agent.PBT” infection

BAT/Agent.PBT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BAT/Agent.PBT virus do?

  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Harvests information related to installed mail clients
  • Anomalous binary characteristics

How to determine BAT/Agent.PBT?


File Info:

crc32: 92926E2E
md5: 37b2f2b402c9fd67af523ce7a4ed160b
name: 37B2F2B402C9FD67AF523CE7A4ED160B.mlw
sha1: c1293c70b3689ea72467eaa489d6abdd69c74722
sha256: 4832d7872fbda09f9b51735611d372ff1a6004dc8d821d2f2e26fdbdfc300021
sha512: 0fd6226fa4cb35611d8e19ac3b15e73dcdd19f6d082e54601964582e3db3bffaf161e04c657647da0bdda1f1f071987abc51293330941e6b725f4c64a2bd2337
ssdeep: 49152:Kcq8z+DB/HE21C8YwN2vVV94l8bugqEVSCwwt+t069GRwZv22h:E8QhHE2oqWal8SSVSSna22h
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: Rbuznam
FileVersion: 9.8.4940.67458 (fwnoyqf_xfo.534236-5651)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 9.8.4940.67458
FileDescription: Cxv23 Setup Rngolqhazk
OriginalFilename: LHCLHBK.EXE .TVW
Translation: 0x0409 0x04b0

BAT/Agent.PBT also known as:

DrWeb: Program.Unwanted.2520
CAT-QuickHeal: Trojan.Alien
McAfee: Artemis!37B2F2B402C9
ESET-NOD32: BAT/Agent.PBT
Kaspersky: Trojan.Win32.Alien.lrs
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Trojan.Gen
Microsoft: Program:Win32/Wacapew.C!ml
ZoneAlarm: Trojan.Win32.Alien.lrs
GData: Win32.Application.iObit.B
Malwarebytes: Trojan.Agent.HDC.Generic
Ikarus: Malware.Win32.AVEvader
Qihoo-360: HEUR/QVM20.1.F5E0.Malware.Gen

How to remove BAT/Agent.PBT?

BAT/Agent.PBT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
