VBS:Agent-XK [Trj] removal tips

VBS:Agent-XK [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the VBS:Agent-XK [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Deletes executed files from disk

How to identify VBS:Agent-XK [Trj]?


File Info:

name: 8380CA80583A843371AE.mlw
path: /opt/CAPEv2/storage/binaries/b0d611512985d719cfd75da5b20be51e643528af2af7057f5cd8a8ab77f50e75
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: My Company, Inc.
FileDescription: My Program Setup
FileVersion:
LegalCopyright:
ProductName: My Program
ProductVersion:
Translation: 0x0000 0x04b0

VBS:Agent-XK [Trj] also known as:

Lionic: Trojan.VBS.Agent.8!c
McAfee: Artemis!8380CA80583A
Malwarebytes: Generic.Malware/Suspicious
Zillya: Trojan.Agent.Win32.1118475
Sangfor: Trojan.Vbs.Clicker.Vhwd
Cyren: JS/Agent.NZ
Symantec: JS.Downloader
Paloalto: generic.ml
Kaspersky: Trojan-Clicker.VBS.Agent.ba
Alibaba: TrojanClicker:VBS/Clicker.36ba7a04
NANO-Antivirus: Trojan.Script.Agent.bqdpme
Sophos: Mal/Generic-S
F-Secure: Malware.VBS/Clicker.OI
DrWeb: Trojan.MulDrop9.36082
McAfee-GW-Edition: Artemis!Trojan
Ikarus: Trojan-Clicker.VBS.Agent
Google: Detected
Avira: VBS/Clicker.OI
Microsoft: Trojan:Win32/Wacatac.B!ml
Xcitium: Malware@#1zkejxp0xsp3s
SUPERAntiSpyware: PUP.InstallCore/Variant
DeepInstinct: MALICIOUS
Cylance: unsafe
Rising: Trojan.Script.VBS.StartPage.hc (CLASSIC)
MaxSecure: Trojan.Malware.8549998.susgen
Fortinet: JS/Agent.NBT!tr
AVG: VBS:Agent-XK [Trj]
Avast: VBS:Agent-XK [Trj]

How to remove VBS:Agent-XK [Trj]?

VBS:Agent-XK [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
