About “Mal/Agent-AUY” infection

Many security experts consider Mal/Agent-AUY dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Mal/Agent-AUY virus do?

  • Attempts to connect to a dead IP:Port (1 unique time)
  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Mal/Agent-AUY?

File Info:

name: svchost.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Windowsx7f51x7edcx8f85x52a9x529fx80fdx63d2x4ef6
InternalName: Windowsx7f51x7edcx8f85x52a9x529fx80fdx63d2x4ef6
FileVersion: 1.0.0.1
CompanyName: Windowsx7f51x7edcx8f85x52a9x529fx80fdx63d2x4ef6
ProductName: Windowsx7f51x7edcx8f85x52a9x529fx80fdx63d2x4ef6
ProductVersion: 1.0.0.1
FileDescription: Windows Server
OriginalFilename: Windowsx7f51x7edcx8f85x52a9x529fx80fdx63d2x4ef6
Translation: 0x040c 0x04e4

Mal/Agent-AUY also known as:

DrWeb: Trojan.DownLoader32.46379
MicroWorld-eScan: Trojan.Cud.Gen.1
CAT-QuickHeal: Trojan.ServstartRI.S10996511
McAfee: GenericRXAA-AA!C4AC24182D38
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 00560bad1 )
BitDefender: Trojan.Cud.Gen.1
K7GW: Trojan-Downloader ( 00560bad1 )
Cybereason: malicious.82d38f
F-Prot: W32/Agent.BOR.gen!Eldorado
APEX: Malicious
Avast: Win32:DropperX-gen [Drp]
GData: Trojan.Cud.Gen.1
Kaspersky: HEUR:Trojan.Win32.ServStart.vho
NANO-Antivirus: Trojan.Win32.ServStart.ginthm
Ad-Aware: Trojan.Cud.Gen.1
Emsisoft: Trojan.Cud.Gen.1 (B)
F-Secure: Heuristic.HEUR/AGEN.1046092
Baidu: Win32.Trojan-Downloader.Agent.cw
McAfee-GW-Edition: Trojan-FSAA!C4AC24182D38
Trapmine: suspicious.low.ml.score
FireEye: Trojan.Cud.Gen.1
Sophos: Mal/Agent-AUY
Ikarus: Trojan-Downloader.Win32.Agent
Cyren: W32/Agent.BOR.gen!Eldorado
Jiangmin: Trojan.ServStart.acb
Avira: HEUR/AGEN.1046092
Endgame: malicious (high confidence)
Arcabit: Trojan.Cud.Gen.1
ZoneAlarm: HEUR:Trojan.Win32.ServStart.vho
Microsoft: TrojanDownloader:Win32/Small.gen!AP
AhnLab-V3: Malware/Win32.RL_Generic.R325188
Acronis: suspicious
VBA32: BScope.TrojanDownloader.Agent
MAX: malware (ai score=83)
Malwarebytes: Backdoor.Farfli
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.EUJ
Rising: Downloader.Agent!8.B23 (RDMK:cmRtazqzi91RtYTyM7nCThA0Mbyg)
SentinelOne: DFI – Suspicious PE
eGambit: PE.Heur.InvalidSig
Fortinet: W32/Agent.EUJ!tr.dldr
AVG: Win32:DropperX-gen [Drp]

How to remove Mal/Agent-AUY?

Mal/Agent-AUY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.