Trojan.Win32.Agent.xadurz removal guide

The Trojan.Win32.Agent.xadurz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Win32.Agent.xadurz virus can do?

Authenticode signature is invalid

How to determine Trojan.Win32.Agent.xadurz?


File Info:
name: CB9E5B3D56C80A28A614.mlw
path: /opt/CAPEv2/storage/binaries/c9ae8fca17a3de599e5b0e38a12300e49b0a0280b78f980702bc49c877e429ef
crc32: 389A88EA
md5: cb9e5b3d56c80a28a614d35bfdd7c049
sha1: df340b8aaf3846a14a028d72b65609e6b091be27
sha256: c9ae8fca17a3de599e5b0e38a12300e49b0a0280b78f980702bc49c877e429ef
sha512: 905410b18c7f7e37808cf3db88cfbc9240b87b3818f8890d30875c93d85a7a062e7b5487657f2939affe19bf09631c3d3fbec2c16112a9ff9b856790ec901ca2
ssdeep: 24576:mDCMA6kxsKEeULRyQ+2CrhSHZnd0iDHsd+vd:7zxULRr+2EhSD0iDMdGd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F356A1137F1C477D2B33A314A3A977577BAB9205C32960FAAD51B3D1E709819E3832A
sha3_384: 8bec9682180bb7ecc8177f174216ab6db093488873d7ca3fbf838804a7b72094a188f27d58255c2b3475b53ee7667db4
ep_bytes: e87fb00000e979feffffcccc8b4c2404
timestamp: 2000-04-03 15:25:47

Version Info:
Comments: Open Source FTP server for Windows
CompanyName: FileZilla Project
FileDescription: FileZilla Server
FileVersion: 0, 9, 41, 0
InternalName: FileZilla Server
LegalCopyright: Copyright (C) 2001-2012
OriginalFilename: FileZilla server.exe
ProductName: FileZilla Server
ProductVersion: 0, 9, 41, 0
Translation: 0x0407 0x04b0

Trojan.Win32.Agent.xadurz also known as:

Bkav	W32.AIDetectMalware
Lionic	Virus.Win32.Virut.n!c
ClamAV	Win.Worm.Autorunvb-7053731-0
FireEye	Generic.mg.cb9e5b3d56c80a28
McAfee	Artemis!CB9E5B3D56C8
Malwarebytes	Chir.Spyware.Infostealer.DDS
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Virut.d7ce1bb6
Cybereason	malicious.aaf384
VirIT	Win32.Scribble.Z
Cyren	W32/Virut.BY.gen!Eldorado
Elastic	malicious (high confidence)
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 99)
Kaspersky	Trojan.Win32.Agent.xadurz
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	Win32:Crypt-KOW [Trj]
Tencent	Virus.Win32.Virut.ua
F-Secure	Trojan.TR/Patched.Gen
McAfee-GW-Edition	BehavesLike.Win32.Virut.th
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Jiangmin	Win32/Virut.bv
Avira	TR/Patched.Gen
ZoneAlarm	Trojan.Win32.Agent.xadurz
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
Acronis	suspicious
Cylance	unsafe
Ikarus	Virus.Win32.Virut
Fortinet	W32/Agent.XADURZ!tr
AVG	Win32:Crypt-KOW [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Agent.xadurz?

Trojan.Win32.Agent.xadurz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X