Malware

About “Win32/Agent.PAP” infection

Malware Removal

The Win32/Agent.PAP is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32/Agent.PAP virus can do?

  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to determine Win32/Agent.PAP?



File Info:

crc32: 9B277303
md5: 38629c3a5d0fdc7d72c3727f5bfc5a3b
name: 38629C3A5D0FDC7D72C3727F5BFC5A3B.mlw
sha1: 7d9b9784799ac81595d3a96c642df9da3ca23357
sha256: b0224e29923482d3cb4db20b7b68f6aba0d3c731995dbf02bb4fc1e5875379f6
sha512: ed116bdcb1f53177fbc4223ece1f13117ad8ebfb940062e933fdc3f8d3fcb08050c96dbbd2ccba4963e39297d54fde71add8177685cc740b5af21cbad2ea6b3b
ssdeep: 3072:CR+SmnqOhgSew/P+SSSSSSSSSSSSSSSSSSSSSSSSSSSS5HSSSSSSSUSSSSSSSSS7:Pq6/u0Sqb50TLkDAcEbMmHrEyhm
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows


Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: Copyleft 1998-2006 by Don HO
InternalName: npp.exe
FileVersion: 6.3
CompanyName: Don HO don.h@free.fr
ProductName: Notepad++
ProductVersion: 6.3
FileDescription: Notepad++ : a free (GNU) source code editor
OriginalFilename: Notepad++.exe

Win32/Agent.PAP also known as:

K7AntiVirusTrojan ( 700000121 )
Elasticmalicious (high confidence)
DrWebTrojan.Packed.24182
CynetMalicious (score: 100)
ALYacTrojan.GenericKD.40761395
ZillyaTrojan.Injector.Win32.186681
CrowdStrikewin/malicious_confidence_90% (D)
K7GWTrojan ( 700000121 )
Cybereasonmalicious.a5d0fd
CyrenW32/Agent.SY.gen!Eldorado
SymantecTrojan.Gen
ESET-NOD32Win32/Agent.PAP
APEXMalicious
AvastMSIL:Agent-ADI [Trj]
ClamAVWin.Packed.Darkkomet-6726316-0
KasperskyHEUR:Backdoor.MSIL.Androm.gen
BitDefenderTrojan.GenericKD.40761395
MicroWorld-eScanTrojan.GenericKD.40761395
TencentMalware.Win32.Gencirc.10b6113e
Ad-AwareTrojan.GenericKD.40761395
SophosML/PE-A
ComodoTrojWare.Win32.Lethic.DY@5reprn
TrendMicroTROJ_SPNR.30HR13
McAfee-GW-EditionArtemis!Trojan
FireEyeGeneric.mg.38629c3a5d0fdc7d
EmsisoftTrojan.GenericKD.40761395 (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojan/Jorik.gote
AviraTR/Jorik.Lethic.EB
eGambitUnsafe.AI_Score_99%
MicrosoftBackdoor:Win32/Bladabindi!ml
ArcabitTrojan.Generic.D26DF833
SUPERAntiSpywareTrojan.Agent/Gen-Fake[Plus]
GDataTrojan.GenericKD.40761395
AhnLab-V3Backdoor/Win32.DarkKomet.R62460
McAfeeArtemis!38629C3A5D0F
MAXmalware (ai score=83)
VBA32TScope.Trojan.MSIL
MalwarebytesMalware.AI.3715112713
PandaTrj/CI.A
TrendMicro-HouseCallTROJ_SPNR.30HR13
IkarusTrojan.Win32.Jorik
MaxSecureTrojan.Malware.4973904.susgen
FortinetMSIL/Injector.IFC!tr
AVGMSIL:Agent-ADI [Trj]

How to remove Win32/Agent.PAP?

Win32/Agent.PAP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment