Categories: Malware

Win32/Agent.VBQ removal instructions

Win32/Agent.VBQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Agent.VBQ virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • A potential decoy document was displayed to the user
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Anomalous binary characteristics

Related domains:

blognews.onmypc.org
ametoy.acmetoy.com

How to identify Win32/Agent.VBQ?

File Info:

crc32: C86DAD49
md5: 79f1af23d5ab729a3071d1f4c2a0606f
name: 79F1AF23D5AB729A3071D1F4C2A0606F.mlw
sha1: 5a8ba95d925b166a51cb7755971def2eb18873f0
sha256: faec75d9b819504716908e923ad30a70a40e6e2094ac4775bcc3edb4448c5296
sha512: 9fb99b0c3129850f734132f792fcc6e717151751b3015c6e1d5462adc24235a78a9e6d212ce54cc8d4d3d7a4f0807ca044e9c2fbf88c31d32b99d9238ca3d134
ssdeep: 3072:3Lk395hYXJfLv21HL2bw/ZBeFZyea4aOQ0i2ogl8y7hqhMR2szjMO+DnITi6s+Ac:3QqZbRoTsI5bpLaypKuD7IFpi311proJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Agent.VBQ also known as:

MicroWorld-eScan Gen:Variant.Ser.Mikey.1391
FireEye Generic.mg.79f1af23d5ab729a
Qihoo-360 Win32/Ransom.Blocker.HyoDxgcA
ALYac Gen:Variant.Ser.Mikey.1391
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Trojan.Win32.Bluether.A
K7AntiVirus Trojan ( 0055e3dd1 )
BitDefender Gen:Variant.Ser.Mikey.1391
K7GW Trojan ( 0055e3dd1 )
Symantec ML.Attribute.HighConfidence
Avast Win32:Malware-gen
Kaspersky Trojan-Ransom.Win32.Blocker.fwvg
Alibaba Trojan:Win32/Blocker.0095f1f8
NANO-Antivirus Trojan.Win32.Agent.dgrlml
Rising Malware.FakePDF@CV!1.9C3A (CLASSIC)
Sophos Mal/Generic-R
Comodo Malware@#30v74ifpz5pag
F-Secure Heuristic.HEUR/AGEN.1111002
DrWeb Trojan.DownLoader11.40674
Zillya Trojan.Blocker.Win32.31489
TrendMicro BKDR_PLEAD.SMZTDK-C
McAfee-GW-Edition GenericRXEX-WK!4BCB99623C05
Emsisoft Gen:Variant.Ser.Mikey.1391 (B)
Jiangmin Trojan.Blocker.d
Avira HEUR/AGEN.1111002
MAX malware (ai score=99)
Antiy-AVL Trojan[Ransom]/Win32.Blocker
Kingsoft Win32.Troj.Undef.(kcloud)
Microsoft Backdoor:Win32/Bladabindi!ml
Arcabit Trojan.Ser.Mikey.D56F
ZoneAlarm Trojan-Ransom.Win32.Blocker.fwvg
GData Gen:Variant.Ser.Mikey.1391
Cynet Malicious (score: 85)
McAfee Artemis!79F1AF23D5AB
VBA32 Hoax.Blocker
Malwarebytes Generic.Malware/Suspicious
Panda Trj/Chgt.H
ESET-NOD32 a variant of Win32/Agent.VBQ
TrendMicro-HouseCall BKDR_PLEAD.SMZTDK-C
Tencent Win32.Trojan.Blocker.Alsr
Yandex Trojan.Blocker!jebDcCoRy/4
Ikarus Trojan-Ransom.Blocker
Fortinet W32/Agent.WMZ!tr
BitDefenderTheta Gen:NN.ZexaF.34590.cq0@aSM@Vcli
AVG Win32:Malware-gen
Cybereason malicious.3d5ab7
Paloalto generic.ml

How to remove Win32/Agent.VBQ?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
