Trojan-Downloader.Win32.Agent.xxzrgp removal tips

Many security experts consider Trojan-Downloader.Win32.Agent.xxzrgp dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Agent.xxzrgp virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.Agent.xxzrgp?


File Info:

name: 67657A8C8421F1F132C5.mlw
path: /opt/CAPEv2/storage/binaries/a3f05b331104126fed82a5a8d112b19e2befef4664274f37b4e4bb3cb2532b20
crc32: 972DC0AF
md5: 67657a8c8421f1f132c5e99680bcb525
sha1: a818e4e1a0a7a436ac85bb7bed4e8d14ccb4cede
sha256: a3f05b331104126fed82a5a8d112b19e2befef4664274f37b4e4bb3cb2532b20
sha512: 882594443b8a0eaa59c77c512ca8de675fc7371f2e2818b706806279a2a3e583bfdb9d10ec2e8b2498179769ef6abd27311c9772a2f8b8d0601915b808d4b0f4
ssdeep: 24576:NHsTIQrTOlVZ54HW8Doc4gIgCIekOPCqfSOpklaQOWwETDeccc3jk:mTIfcHWzgT4P4OlQOWwETDecVw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13225BE01B881D071D8475172616CF77DAA3D6A210F328EDBD3C4AE799EB09C1663E29E
sha3_384: c3ee3edb1e376bab8ab94c257a39a7edc39c3e422386cec9d55b8ea96670d9bd3814ee0918706235220d604739414068
ep_bytes: e813050000e978feffffa128534f0053
timestamp: 2019-02-28 05:00:00

Version Info:

CompanyName: The Chromium Authors
FileDescription: Chromium
FileVersion: 72.0.3626.121
InternalName: elevation_service_exe
LegalCopyright: Copyright 2018 The Chromium Authors. All rights reserved.
OriginalFilename: elevation_service.exe
ProductName: Chromium
ProductVersion: 72.0.3626.121
CompanyShortName: The Chromium Authors
ProductShortName: Chromium
LastChange: da3787ba355f18db7db52abf75c42afb408d656f-refs/branch-heads/3626@#883
Official Build: 1
Translation: 0x0409 0x04b0

Trojan-Downloader.Win32.Agent.xxzrgp also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.46600236
FireEye: Trojan.GenericKD.46600236
ALYac: Trojan.GenericKD.46600236
Sangfor: Trojan.Win32.Agent.xxzrgp
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanDownloader:Win32/Generic.6f435be1
K7GW: Riskware ( 0040eff71 )
Cyren: W32/Trojan.EIXS-6051
Symantec: ML.Attribute.HighConfidence
Kaspersky: Trojan-Downloader.Win32.Agent.xxzrgp
BitDefender: Trojan.GenericKD.46600236
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.46600236
Emsisoft: Trojan.GenericKD.46600236 (B)
Zillya: Backdoor.Agent.Win32.79339
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-R
Jiangmin: TrojanDownloader.Agent.fzbb
MAX: malware (ai score=100)
Kingsoft: Win32.TrojDownloader.Agent.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Generic.D2C7102C
GData: Trojan.GenericKD.46600236
McAfee: Artemis!67657A8C8421
VBA32: BScope.TrojanDownloader.Agent
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H0CGB21
Fortinet: W32/Agent.XXZRGP!tr.dldr
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Trojan-Downloader.Win32.Agent.xxzrgp?

Trojan-Downloader.Win32.Agent.xxzrgp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
