
Win32/Agent.PGA (file analysis)


Win32/Agent.PGA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Agent.PGA virus do?

  • Authenticode signature is invalid

How to identify Win32/Agent.PGA?


File Info:

name: 1699A5847E51E4B68143.mlw
path: /opt/CAPEv2/storage/binaries/f17cb89028ee8ded27baa6cbe8f5d71c915deee1a09d2ddc3bbc91a4ffe15ae7
crc32: 5D0F2F59
md5: 1699a5847e51e4b68143f4a28d72dc09
sha1: e97844d3646e4d23b5a4f1723821f02ef7112564
sha256: f17cb89028ee8ded27baa6cbe8f5d71c915deee1a09d2ddc3bbc91a4ffe15ae7
sha512: 57513501c9cf5ec0b7c9164bc37f2ad3e4aba427c87828dbb89ebc4fd0982940856fde36d3b9114db8d369adfdd94b1eaa99f709cc0ff798bd8e1dff1228889c
ssdeep: 12:etGSG4Mvem/fAaTGH+OKGVm5D7pbXzFOUzdNLBX/xiZgH8LBJYU11XJU:etGSGGaTGpwTXzFLz3LBvxiZjNyU1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F471E38397A9DAF2C1DE9BF102835644F6FF22780B6370214B565987AB70A3A54F8F14
sha3_384: cf7b4c76784dbb5e03af5e47f745eeeee466b0de8641f846953fa084b464c824e3d069ba8a00ee589548827a1d107ee6
ep_bytes: 6a00e8ef000000a320324000e8df0000
timestamp: 2012-07-10 08:40:43

Version Info:

0: [No Data]

Win32/Agent.PGA also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.320571
FireEye: Generic.mg.1699a5847e51e4b6
CAT-QuickHeal: Trojan.Orbus.A4
McAfee: Trojan-FDSZ!1699A5847E51
Malwarebytes: Trojan.Tiny
Zillya: Trojan.Tiny.Win32.19929
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 004c36c31 )
Alibaba: Trojan:Win32/Orbus.1777e3dd
K7GW: Trojan ( 004c36c31 )
Cybereason: malicious.47e51e
Baidu: Win32.Trojan.Agent.ez
Cyren: W32/Agent.PI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Agent.PGA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Tiny.cm
BitDefender: Gen:Variant.Barys.320571
NANO-Antivirus: Trojan.Win32.Clicker.cqkxir
SUPERAntiSpyware: Trojan.Agent/Gen-Backdoor
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.Tiny.wb
TACHYON: Trojan/W32.Small.3584.GK
Emsisoft: Gen:Variant.Barys.320571 (B)
F-Secure: Trojan.TR/Rogue.7909438
DrWeb: Trojan.Click2.48861
VIPRE: Gen:Variant.Barys.320571
TrendMicro: TROJ_AGENT_BK0836F7.TOMC
McAfee-GW-Edition: Trojan-FDSZ!1699A5847E51
Trapmine: malicious.moderate.ml.score
Sophos: Troj/Agent-AHOA
GData: Gen:Variant.Barys.320571
Jiangmin: Trojan/Genome.cgew
Webroot: W32.Rogue.Gen
Avira: TR/Rogue.7909438
Antiy-AVL: Trojan/Win32.Genome
Xcitium: TrojWare.Win32.Agent.jety@4qvpub
Arcabit: Trojan.Barys.D4E43B
ZoneAlarm: Trojan.Win32.Tiny.cm
Microsoft: Trojan:Win32/Orbus
Google: Detected
AhnLab-V3: Trojan/Win32.Tiny.R291211
ALYac: Gen:Variant.Barys.320571
MAX: malware (ai score=80)
VBA32: Trojan.Tiny
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_AGENT_BK0836F7.TOMC
Rising: Trojan.Win32.Lati.a (CLASSIC)
Ikarus: Trojan-Dropper
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: W32/Agent.PGA!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Agent.PGA?

Win32/Agent.PGA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
