What is “PowerShell/TrojanDownloader.Agent.ABM”?

The PowerShell/TrojanDownloader.Agent.ABM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What PowerShell/TrojanDownloader.Agent.ABM virus can do?

At least one process apparently crashed during execution
Network activity detected but not expressed in API logs

How to determine PowerShell/TrojanDownloader.Agent.ABM?


File Info:
crc32: A296AFE1
md5: 574d7c6e50a4e43365f6145de6e226e3
name: upload_file
sha1: d5482e985efcbe9b08d1e41fcb2bd5cfc855bf22
sha256: 9c328a584d6a90bbe94e13730d0cf62bafaf360ad6ef74f6655f1541d21f787e
sha512: f9885085ba9152b1a8f01e5fc6c80e233309767644a8f06b7216564078ebb6d95fc099602754d4b4ff060c914a3703bbf9f39078d4dfe61e0193090df83532d8
ssdeep: 96:4+5xfRL44A5CByADBuR8Q8EubZOnZ0pk48lFvfnk76f4wLAy+Gi+vYlROR:4YG4A5i1QsZ/pk48ffBi4cRG
type: ASCII text, with very long lines, with CRLF, CR line terminators

Version Info:
0: [No Data]

PowerShell/TrojanDownloader.Agent.ABM also known as:

MicroWorld-eScan	Trojan.GenericKD.44067440
FireEye	Trojan.GenericKD.44067440
CAT-QuickHeal	Script.Trojan.A827312
ALYac	Trojan.GenericKD.44067440
AegisLab	Trojan.PowerShell.Generic.4!c
Cyren	BAT/Powcod.D.gen!Camelot
Symantec	Trojan.Malscript!gen8
Avast	PwrSh:Downloader-AB [Trj]
Kaspersky	HEUR:Trojan.PowerShell.Generic
BitDefender	Trojan.GenericKD.44067440
ViRobot	HTML.Z.Agent.5207
Ad-Aware	Trojan.GenericKD.44067440
Emsisoft	Trojan.GenericKD.44067440 (B)
Comodo	TrojWare.Win32.BadShell.XSN@7pmib7
F-Secure	Trojan.TR/PowerShell.Gen
DrWeb	PowerShell.DownLoader.1215
Invincea	ATK/PSDL-D
McAfee-GW-Edition	PS/Dropper.f
Sophos	ATK/PSDL-D
Ikarus	Trojan.Script
Avira	TR/PowerShell.Gen
Microsoft	Trojan:Win32/Ymacco.AA9C
Arcabit	Trojan.Generic.D2A06A70
ZoneAlarm	HEUR:Trojan.PowerShell.Generic
GData	Trojan.GenericKD.44067440
Cynet	Malicious (score: 85)
McAfee	PS/Dropper.f
ESET-NOD32	PowerShell/TrojanDownloader.Agent.ABM
Tencent	Win32.Trojan-downloader.Agent.Suxx
MAX	malware (ai score=87)
Fortinet	BAT/Agent.ABM!tr.dldr
AVG	PwrSh:Downloader-AB [Trj]
Qihoo-360	virus.bat.powershell.a

How to remove PowerShell/TrojanDownloader.Agent.ABM?

PowerShell/TrojanDownloader.Agent.ABM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X