How to remove “Generic.AutoHotKey.Agent.A.9907BD42”?

The Generic.AutoHotKey.Agent.A.9907BD42 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.AutoHotKey.Agent.A.9907BD42 virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine Generic.AutoHotKey.Agent.A.9907BD42?


File Info:
name: C88CFB430AAEC53CA8AD.mlw
path: /opt/CAPEv2/storage/binaries/d5036896468f4ad685114fe8f382b5aebb8afe37d7ca007e2f1972aea1910cfa
crc32: 1B45494C
md5: c88cfb430aaec53ca8add94d2fa19792
sha1: 29662a9c62b94661e8f90bec3fcb6229f4234925
sha256: d5036896468f4ad685114fe8f382b5aebb8afe37d7ca007e2f1972aea1910cfa
sha512: 9c7b867213912df50d87798c4ce012edb656ac658b2f414416b2bbeea46bbc74e2bd28549987092a3686ab534a11e1a558fe12c1d45b43845004092375587084
ssdeep: 24576:6G2s/vZn2WTiFYCcQj/unPKa6oyzqxjvZYZ:Vp26yVzqBv2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EA056B56B3D7D0B6DFA626F3C6B48372193AB934173C89CB7390282DE8906C17A35359
sha3_384: 10374c0a07fc963c1de0446f89d8366a32df346b810b430381d179c7f6713e4b01970b48f94d1edd9e1c2671f3fddee7
ep_bytes: e8505e0000e989feffffcccccc568b44
timestamp: 2019-11-24 04:49:56

Version Info:
0: [No Data]

Generic.AutoHotKey.Agent.A.9907BD42 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Generic.AutoHotKey.Agent.A.9907BD42
FireEye	Generic.AutoHotKey.Agent.A.9907BD42
CAT-QuickHeal	PUA.AgentPMF.S24861111
Skyhigh	BehavesLike.Win32.Generic.ch
McAfee	Trojan-FUCG!C88CFB430AAE
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Trojan ( 005add041 )
K7GW	Trojan ( 005add041 )
Arcabit	Generic.AutoHotKey.Agent.A.9907BD42
VirIT	Trojan.Win32.Generic.CDD
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.AHK.G suspicious
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Misc-9950733-0
Kaspersky	Trojan.Win32.AHRun.gen
BitDefender	Generic.AutoHotKey.Agent.A.9907BD42
Avast	Win32:Evo-gen [Trj]
Tencent	Trojan.Win32.Agent.kb
TACHYON	Trojan/W32.Agent.824832.CC
Emsisoft	Generic.AutoHotKey.Agent.A.9907BD42 (B)
F-Secure	Heuristic.HEUR/AGEN.1319416
VIPRE	Generic.AutoHotKey.Agent.A.9907BD42
Sophos	Troj/AutoHK-N
Ikarus	PUA.AHK
Varist	W32/FakeFolder.T.gen!Eldorado
Avira	HEUR/AGEN.1319416
Microsoft	Trojan:Win32/FakeFolder.EA!MTB
ZoneAlarm	Trojan.Win32.AHRun.gen
GData	Win32.Trojan.PSE.1EA9LG1
Google	Detected
ALYac	Generic.AutoHotKey.Agent.A.9907BD42
MAX	malware (ai score=82)
Cylance	unsafe
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.119781068.susgen
Fortinet	Riskware/FakeFolder
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Generic.AutoHotKey.Agent.A.9907BD42?

Generic.AutoHotKey.Agent.A.9907BD42 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X