Should I remove “Trojan.Agent.29200R”?

The Trojan.Agent.29200R is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Agent.29200R virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan.Agent.29200R?


File Info:
name: 0E23727D6F3FA9AF0FA3.mlw
path: /opt/CAPEv2/storage/binaries/bf4f40878539e44d6bde20d9bf1a5a0f4d6a08633f5d6139807ff9f65c096ea9
crc32: C589B339
md5: 0e23727d6f3fa9af0fa3bf23b470d793
sha1: ec389e4ccc9bdd0b0b975a309e66c6fcd270d39d
sha256: bf4f40878539e44d6bde20d9bf1a5a0f4d6a08633f5d6139807ff9f65c096ea9
sha512: 6d90c741a5e6d54b8748823cc5c93ef79c6daf8cdd5139dcb507ccf77375d1bbca2c18e37bcf307e98e52cc9530f4d413e215d5cf97332fda6a0dcc6ed981915
ssdeep: 384:q5ihb++0q7ynxJWxseqypbjNUdZSrel3flYQ4S9uNCR0IVH7AuTFoWRSQD8RVw6n:9pC0Jjq7Sreldh1uNjzyGvw6n
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T191E23B97D6540C72CCD121B41EEEBB319AF98065C7242AD32B8806ED471CAE57D783DA
sha3_384: 9af9467f630849179692484efb6b4f1def681fa43b337e5c70103b9db169560da449d05a4a80e47104251bba8be80c33
ep_bytes: e837030000e94dfdffffccccccccccff
timestamp: 2008-04-16 01:28:29

Version Info:
CompanyName: Twain Working Group
FileDescription: Twain.dll Client's 32-Bit Thunking Server
FileVersion: 1,7,1,0
InternalName: Twunk_32
OriginalFilename: Twunk_32.exe
ProductName: Twain Thunker
ProductVersion: 1,7,1,0
Translation: 0x0409 0x04b4

Trojan.Agent.29200R also known as:

Lionic	Virus.Win32.Virut.kYQV
FireEye	Generic.mg.0e23727d6f3fa9af
McAfee	Artemis!0E23727D6F3F
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Wacatac.B
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
Avast	FileRepMalware
Tencent	Win32.Trojan.Spy.Gbr
Comodo	Malware@#18vjhlvcpesfp
McAfee-GW-Edition	Artemis
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan-Spy.Agent
Webroot	W32.Malware.Gen
Avira	HEUR/Patched.Ren
APEX	Malicious
Microsoft	Trojan:Win32/Zpevdo.B
Cynet	Malicious (score: 100)
Acronis	suspicious
ALYac	Trojan.Agent.29200R
Rising	Virus.Virut!8.44 (CLOUD)
SentinelOne	Static AI – Malicious PE
eGambit	Generic.Malware
AVG	FileRepMalware
MaxSecure	Trojan.Malware.2588.susgen

How to remove Trojan.Agent.29200R?

Trojan.Agent.29200R removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X