Should I remove “Trojan:Win32/AgentBypass!rfn”?

Trojan:Win32/AgentBypass!rfn is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/AgentBypass!rfn virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan:Win32/AgentBypass!rfn?


File Info:

name: 9EE687BC1E05B55A1EB2.mlw
path: /opt/CAPEv2/storage/binaries/fd06a6767819d54f45098d1e55901da214fd0a7268a83597e9b9ffd47cedd0f8
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2012-04-19 12:00:53

Version Info:

0: [No Data]

Trojan:Win32/AgentBypass!rfn also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Invader.movR
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoad3.5187
MicroWorld-eScan: Gen:Variant.Zusy.10712
FireEye: Generic.mg.9ee687bc1e05b55a
CAT-QuickHeal: Trojan.MauvaiseRI.S5243282
Skyhigh: BehavesLike.Win32.Generic.lh
McAfee: GenericRXPI-OT!9EE687BC1E05
Malwarebytes: Malware.AI.4125885316
VIPRE: Gen:Variant.Zusy.10712
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:Win32/Pincav.088df4ac
K7GW: Hacktool ( 005289351 )
K7AntiVirus: Hacktool ( 005289351 )
BitDefenderTheta: Gen:NN.ZedlaF.36802.eq4@ae5Gk3g
VirIT: Trojan.Win32.Pincav.CHBR
Symantec: Backdoor.Trojan
ESET-NOD32: a variant of Win32/Agent.TCI
APEX: Malicious
Avast: Win32:Downloader-OAG [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.10712
NANO-Antivirus: Trojan.Win32.Invader.rdvom
Tencent: Win32.Trojan.Generic.Agow
Emsisoft: Gen:Variant.Zusy.10712 (B)
F-Secure: Backdoor.BDS/Backdoor.Gen
Zillya: Trojan.Agent.Win32.242170
Sophos: Mal/Behav-010
Ikarus: Trojan.Win32.Pincav
MAX: malware (ai score=100)
Jiangmin: Trojan/Pincav.qfa
Google: Detected
Avira: BDS/Backdoor.Gen
Varist: W32/Agent.MO.gen!Eldorado
Antiy-AVL: Trojan/Win32.Pincav
Kingsoft: malware.kb.a.1000
Microsoft: Trojan:Win32/AgentBypass.gen!rfn
Xcitium: Malware@#3m9fad2h96jkz
Arcabit: Trojan.Zusy.D29D8
ViRobot: Trojan.Win32.A.Pincav.73728.F
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Zusy.10712
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Cosmu.R23427
VBA32: BScope.Trojan.Download
ALYac: Gen:Variant.Zusy.10712
TACHYON: Trojan/W32.Pincav.73728.T
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Vasnasea!8.A21 (TFE:2:utgM0ItBoKF)
Yandex: Trojan.GenAsa!kGQJfWzOu4U
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Agent.TCI!tr
AVG: Win32:Downloader-OAG [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Zusy

How to remove Trojan:Win32/AgentBypass!rfn?

Trojan:Win32/AgentBypass!rfn removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
