Trojan

Trojan.Win64.Agent.qwhxxc removal tips

Malware Removal

The Trojan.Win64.Agent.qwhxxc is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win64.Agent.qwhxxc virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine Trojan.Win64.Agent.qwhxxc?



File Info:

name: BD099F5A0A0580DFDBCD.mlw
path: /opt/CAPEv2/storage/binaries/3d5a5f7503d89158b56e76331698d4987462e985c4c59cf3ad0698f1d8d41cdc
crc32: 8CFFCA88
md5: bd099f5a0a0580dfdbcd66384650fa6d
sha1: d54b7648d817bc94b0f944efc899c57c88380f72
sha256: 3d5a5f7503d89158b56e76331698d4987462e985c4c59cf3ad0698f1d8d41cdc
sha512: c96a3d1bf21cb55740796c5f7d9e06889fc128371a17824005ee20d4cb9d5c0969ab27e108a87d957a76c5d17cad4c2077b4b43e043d01dbe24bb69ce1014cc2
ssdeep: 24576:7m1anPnj5O/RHpFngjEULK1pYBt+EIsX9Au:C1anP8RJ8We+bSZ
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T166058D5AB7A800F6D177D138C5825613E7B2B85A172097DF03A18BA93F336E15E3B721
sha3_384: 4487426b69510ca2ac81229f1b930c34fba1c377f42e1d0f074c56d8a77f90d76aaafec2014fc4f283f8b5c7f3e1776c
ep_bytes: 4883ec28e8830800004883c428e97afe
timestamp: 2021-11-26 12:36:43


Version Info:

FileDescription: ACE-SAFE Client DLL
FileVersion: 6.2.2104.1046
InternalName: ACE-SAFE.DLL
OriginalFileName: ACE-SAFE.DLL
LegalCopyright: © AntiCheatExpert.com Limited. All Rights Reserved.
ProductName: Anti-Cheat Expert
CompanyName: ANTICHEATEXPERT.COM
ProductVersion: 6.2.2104.1046
Translation: 0x0409 0x04b0

Trojan.Win64.Agent.qwhxxc also known as:

FireEyeTrojan.GenericKD.38138749
ALYacTrojan.GenericKD.38138749
K7AntiVirusTrojan ( 0058b0101 )
AlibabaTrojan:Win64/Generic.fcdd0a5d
K7GWTrojan ( 0058b0101 )
ESET-NOD32a variant of Win64/Agent_AGen.AP
APEXMalicious
CynetMalicious (score: 100)
KasperskyTrojan.Win64.Agent.qwhxxc
BitDefenderTrojan.GenericKD.38138749
MicroWorld-eScanTrojan.GenericKD.38138749
AvastWin64:Trojan-gen
Ad-AwareTrojan.GenericKD.38138749
SophosMal/Generic-S
TrendMicroTROJ_GEN.R002C0WKU21
McAfee-GW-EditionRDN/Generic.dx
EmsisoftTrojan.GenericKD.38138749 (B)
GDataWin64.Trojan.Agent.INM0C6
GridinsoftRansom.Win64.Sabsik.sa
ArcabitTrojan.Generic.D245F37D
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
McAfeeRDN/Generic.dx
MAXmalware (ai score=80)
TrendMicro-HouseCallTROJ_GEN.R002C0WKU21
IkarusTrojan.Win64.Agent
FortinetW64/Agent_AGen.AP!tr
AVGWin64:Trojan-gen
PandaTrj/CI.A

How to remove Trojan.Win64.Agent.qwhxxc?

Trojan.Win64.Agent.qwhxxc removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment