Win32/Agent.ABPC removal guide

Win32/Agent.ABPC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Agent.ABPC virus do?

  • At least one process apparently crashed during execution
  • Injection with CreateRemoteThread in a remote process
  • Possible date expiration check, exits too soon after checking local time
  • Expresses interest in specific running processes
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Korean
  • Uses Windows utilities for basic functionality
  • Code injection with CreateRemoteThread in a remote process
  • Deletes its original binary from disk
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the system manufacturer, likely for anti-virtualization
  • Anomalous binary characteristics

How to identify Win32/Agent.ABPC?


File Info:

crc32: 4858E189
md5: 8faceb042dbbc05db1ee31d73b5264c0
name: mxz32.exe
sha1: 94f5013a2af0cc2d6ab8532f08df0e5c283e658c
sha256: 3058159c6b1fc76854cc527293afe9d1712b705b2ad7a4a9232a881290f699b9
sha512: 0e81c2774aabaa9f18b549b6a3b1d076005d25b8f8cafdade93d31dd87d695e919ebb69b3e441951e3ea5de6f248ed5ed97523889dec84c95adbcbc38b1226fc
ssdeep: 3072:9hzKMnsyQvxnaHfEyLON84DNb2IYBc0trWJ6+sOFSLsV8D69AZMtO9gJzB+Na45:9hls7pnsqa41YXtyZsOFN8aAZMtO9kn
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Agent.ABPC also known as:

Bkav: W32.AIDetectVM.malware
MicroWorld-eScan: Trojan.GenericKD.42863466
CAT-QuickHeal: Trojan.Multi
ALYac: Trojan.GenericKD.42863466
Cylance: Unsafe
AegisLab: Trojan.Win32.Pincav.4!c
Sangfor: Malware
K7AntiVirus: Trojan ( 00560e8a1 )
BitDefender: Trojan.GenericKD.42863466
K7GW: Trojan ( 00560e8a1 )
Cybereason: malicious.a2af0c
Invincea: heuristic
Symantec: ML.Attribute.HighConfidence
GData: Trojan.GenericKD.42863466
Kaspersky: Trojan.Win32.Pincav.brafb
Alibaba: Trojan:Win32/Invader.a76dbe2c
Rising: Trojan.Agent!8.B1E (CLOUD)
Ad-Aware: Trojan.GenericKD.42863466
Emsisoft: Trojan.GenericKD.42863466 (B)
Comodo: Malware@#2jt7riaus8cjw
F-Secure: Trojan.TR/Agent.fpxzb
DrWeb: Trojan.MulDrop11.48216
TrendMicro: TROJ_GEN.R01FC0PCL20
McAfee-GW-Edition: BehavesLike.Win32.Trojan.ch
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.8faceb042dbbc05d
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Agent
Cyren: W32/Trojan.XVEN-1108
Avira: TR/Agent.fpxzb
MAX: malware (ai score=100)
Antiy-AVL: Trojan[GameThief]/Win32.Latot
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D28E0B6A
ZoneAlarm: Trojan.Win32.Pincav.brafb
Microsoft: Trojan:Win32/Occamy.C
McAfee: Artemis!8FACEB042DBB
VBA32: BScope.Trojan.Wacatac
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Agent.ABPC
TrendMicro-HouseCall: TROJ_GEN.R01FC0PCL20
Tencent: Win32.Trojan.Pincav.Efbo
SentinelOne: DFI – Suspicious PE
eGambit: Unsafe.AI_Score_98%
Fortinet: W32/Pincav.ABPC!tr
BitDefenderTheta: Gen:NN.ZexaE.34100.luW@aaEJOTbO
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Win32/Trojan.b99

How to remove Win32/Agent.ABPC?

Win32/Agent.ABPC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
