What is “Win32/Agent_AGen.CQD”?

The Win32/Agent_AGen.CQD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Agent_AGen.CQD virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Win32/Agent_AGen.CQD?


File Info:
name: D5F4F0A390CF581BB321.mlw
path: /opt/CAPEv2/storage/binaries/e96dda1380ea3a5f27dde251ac3b746bd3e9e8c5c9c2104db18932e85425587f
crc32: 7E572AF2
md5: d5f4f0a390cf581bb321df22e306e6ea
sha1: 6c6dc42a2d98212b304a95b220a1a67b8b0ab185
sha256: e96dda1380ea3a5f27dde251ac3b746bd3e9e8c5c9c2104db18932e85425587f
sha512: 946dff171db5ba3a58560af90d5f8cb890b0fc53b0518d5479a6cbd89881131a7dcbb7d6f4c828faeeae4c6a9a2eeb8b9b346f505163edd92861734b2ffd78c3
ssdeep: 384:ixyuSPpSyndK8tLWCrr9esntqAWgS13iUlvWTDE045Hu4j4j4j4j:icdKU9AyXh8yAI4j4j4j4j
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CF527CA35A5C18B8FFDC12F7036BCEF1988075E91EA36504140B934D5F3DA4E26A2747
sha3_384: 44721b87d782a5f45d22c6c6c81b66b4b33a7853da9c3b40c6c1700b93af3d146b86ef66213eb506ae027b96f4581f00
ep_bytes: 5053b899040000b9984440008a1980eb
timestamp: 2007-07-24 01:52:49

Version Info:
0: [No Data]

Win32/Agent_AGen.CQD also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Poison.labP
MicroWorld-eScan	Trojan.Ransom.Poison.B
FireEye	Generic.mg.d5f4f0a390cf581b
CAT-QuickHeal	Trojan.Grandoreiro
Skyhigh	BehavesLike.Win32.Generic.lc
ALYac	Trojan.Ransom.Poison.B
Malwarebytes	Trojan.Downloader
VIPRE	Trojan.Ransom.Poison.B
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0059befd1 )
BitDefender	Trojan.Ransom.Poison.B
K7GW	Trojan ( 0059befd1 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	AI:Packer.44249F861F
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Agent_AGen.CQD
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	HEUR:P2P-Worm.Win32.Convagent.gen
Alibaba	Worm:Win32/Grandoreiro.a4b83f66
NANO-Antivirus	Trojan.Win32.VB.juiskq
ViRobot	Trojan.Win.Z.Poison.14336.QVCL
Rising	Trojan.Generic@AI.100 (RDMK:NLkZ93hp+u1AySlyXf8nHw)
Emsisoft	Trojan.Ransom.Poison.B (B)
F-Secure	Trojan.TR/Crypt.ZPACK.Gen
DrWeb	Trojan.PackedENT.124
TrendMicro	TROJ_GEN.R03BC0DJV23
Trapmine	malicious.high.ml.score
Sophos	Mal/ExeSax-A
Ikarus	Win32.Outbreak
GData	Trojan.Ransom.Poison.B
Jiangmin	Trojan/Generic.bghcg
Varist	W32/Agent.FJT.gen!Eldorado
Avira	TR/Crypt.ZPACK.Gen
Antiy-AVL	GrayWare/Win32.Krap.cku
Kingsoft	malware.kb.a.999
Xcitium	Heur.Packed.MultiPacked@1z141z3
Arcabit	Trojan.Ransom.Poison.B
ZoneAlarm	HEUR:P2P-Worm.Win32.Convagent.gen
Microsoft	Trojan:Win64/Grandoreiro.psyE!MTB
Google	Detected
AhnLab-V3	Trojan/Win.LJ.R535457
Acronis	suspicious
McAfee	GenericRXTL-LJ!D5F4F0A390CF
MAX	malware (ai score=81)
DeepInstinct	MALICIOUS
VBA32	Malware-Cryptor.General.3
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R03BC0DJV23
Tencent	Trojan.Win32.VB.hh
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.C40A!tr
AVG	Win32:Evo-gen [Trj]
Cybereason	malicious.a2d982
Avast	Win32:Evo-gen [Trj]

How to remove Win32/Agent_AGen.CQD?

Win32/Agent_AGen.CQD removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X