Win32/Agent_AGen.CFB removal

Win32/Agent_AGen.CFB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Agent_AGen.CFB virus do?

  • Sample contains Overlay data
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32/Agent_AGen.CFB?


File Info:

name: 83046C553B44DAC31204.mlw
path: /opt/CAPEv2/storage/binaries/54fdee3fbf54df035ef6171216ef1508faefe82438eea5c501b5ee9796359579
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-08-24 14:37:28

Version Info:

CompanyName: Корпорация М айкрософт
FileDescription: Диспетчер синхронизации
FileVersion: 5.1.2600.5512 (xpsp.080413-2108)
Translation: 0x0419 0x04b0

Win32/Agent_AGen.CFB also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.102907
ClamAV: Win.Packed.A85ahpf-10004460-0
McAfee: Packed-AM!83046C553B44
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ab3b81 )
K7GW: Trojan ( 005ab3b81 )
Cybereason: malicious.b9a107
BitDefenderTheta: Gen:NN.ZexaF.36722.@N1@aKbnIvjc
Cyren: W32/Agent.BCI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Agent_AGen.CFB
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Trojan.GenericKDZ.102907
NANO-Antivirus: Trojan.Win32.Mods.kaixwj
Avast: Win32:Evo-gen [Trj]
Emsisoft: Trojan.GenericKDZ.102907 (B)
Baidu: Win32.Trojan.Kryptik.ac
F-Secure: Trojan.TR/Agent_AGen.eiprj
DrWeb: Trojan.Mods.1
VIPRE: Trojan.GenericKDZ.102907
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.83046c553b44dac3
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Win32.ShipUp
GData: Trojan.GenericKDZ.102907
Avira: TR/Agent_AGen.eiprj
Antiy-AVL: Trojan/Win32.ShipUp
Arcabit: Trojan.Generic.D191FB
Microsoft: Trojan:Script/Phonzy.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R605213
ALYac: Trojan.GenericKDZ.102907
MAX: malware (ai score=88)
Rising: Trojan.Kryptik!1.A949 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.CFB!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Win32/Agent_AGen.CFB?

Win32/Agent_AGen.CFB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
