Trojan.Agent.CTMQ information

The Trojan.Agent.CTMQ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Agent.CTMQ virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan.Agent.CTMQ?


File Info:
name: 61290EF10D152407EEA9.mlw
path: /opt/CAPEv2/storage/binaries/e1241b1277bfb6c8aa8085533fc0962adef4fd32ed6959a1b6e06703de24bd4c
crc32: 4677A001
md5: 61290ef10d152407eea90a00fde10c84
sha1: 6f85fdb5042fc7d72d4b6c54a8f43d918fd4099f
sha256: e1241b1277bfb6c8aa8085533fc0962adef4fd32ed6959a1b6e06703de24bd4c
sha512: b832daa9438358b3f10ed332d41005b4b3d0eb7c941341e04dc73619ba65b3654e31299612bd3bbde8b2647fdab298bd8e75daaa7e6a2cbeb5ac83d9f1d18e22
ssdeep: 3072:KVn8QOXmQaDIJEGp8Wtvv6jJKD+qmk+V4gzj1BuYH5V98YC/7K/XRlCH5w6VS1Vc:K9cQIvXtvEJ0LRgDuYH5VCX++zL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13D8427D1A10CD239E46E16321036DB36C6213CBA643E4E4FF3B8AF666F37A51D55920B
sha3_384: f09d645b0605cb32859fb8fc4cbad79d42bcdda0a7e68d879c70dde1ada3de941d3175e754393a25ecfa9c352b79b6ce
ep_bytes: e8b85c0000e9000000006a14685881a5
timestamp: 2015-01-19 23:46:40

Version Info:
PrivateBuild: 6.6.86.2
Languages: English
FileVersion: 6.6.86.2
Comments: Rmi Codified Memo
LegalTrademarks: Copyright Â© 1999 - 2014 Amazon
CompanyName: Amazon
FileDescription: Rmi Codified Memo
InternalName: Cubes
LegalCopyright: Copyright Â© 1999 - 2014 Amazon
ProductName: Cubes
OriginalFilename: Cubes.exe
ProductVersion: 6.6.86.2
Translation: 0x0409 0x04b0

Trojan.Agent.CTMQ also known as:

Bkav	W32.AIDetect.malware1
MicroWorld-eScan	Trojan.Agent.CTMQ
FireEye	Generic.mg.61290ef10d152407
ALYac	Trojan.Agent.CTMQ
Cylance	Unsafe
VIPRE	Trojan.Agent.CTMQ
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Spyware ( 0051fb6b1 )
K7GW	Spyware ( 0051fb6b1 )
Cybereason	malicious.10d152
VirIT	Trojan.Win32.Genus.EF
Cyren	W32/Coinminer.EP.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Spy.Zbot.ADC
APEX	Malicious
BitDefender	Trojan.Agent.CTMQ
NANO-Antivirus	Trojan.Win32.Yakes.exauhu
ViRobot	Trojan.Win32.Agent.312832.S
Ad-Aware	Trojan.Agent.CTMQ
Emsisoft	Trojan.Agent.CTMQ (B)
DrWeb	Trojan.MulDrop7.55102
Zillya	Trojan.Yakes.Win32.67654
McAfee-GW-Edition	BehavesLike.Win32.NetLoader.fh
Sophos	ML/PE-A
GData	Trojan.Agent.CTMQ
Jiangmin	Trojan.Yakes.ysp
Avira	HEUR/AGEN.1215578
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Generic.ASMalwS.3E79
Microsoft	Trojan:Win32/Cerber.MPI!MTB
Cynet	Malicious (score: 100)
Acronis	suspicious
Malwarebytes	Malware.Heuristic.1001
Rising	Trojan.Generic@AI.91 (RDMK:cmRtazqXbgzeN2veOXC31tkiH9Fi)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/CoinMiner.3E08!tr
BitDefenderTheta	Gen:NN.ZexaF.34786.wW0@au4aZ0gi
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Trojan.Agent.CTMQ?

Trojan.Agent.CTMQ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X