How to remove “Win32/Agent_AGen.CQD”?

The Win32/Agent_AGen.CQD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Agent_AGen.CQD virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Win32/Agent_AGen.CQD?


File Info:
name: 98C6B38A269C52695EF0.mlw
path: /opt/CAPEv2/storage/binaries/494885d3d3a50ee26fa17d56a4c3c057cc99f1c4a5a7f78228f9c6e0126022d0
crc32: 18FF22B3
md5: 98c6b38a269c52695ef09d9ec145ad89
sha1: 9039ddafb01127076f41bc6e6a73828bd4764bb8
sha256: 494885d3d3a50ee26fa17d56a4c3c057cc99f1c4a5a7f78228f9c6e0126022d0
sha512: 6435454e606adf2d0fd7af0aa80d6eb9e3404af4cf2b3c590470f448510fbbbb7c0513933222154f2e7f6d12997e2c96ee4ccd237250b0f8c5a75475c47fe52a
ssdeep: 384:RBdy66IEzFTXTMlvbCBa3DE045HFL/L/L/L/L:X0667XTMlvbU8A/bbbb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A4528DB183DC8C75FA5D48F74FBA1AD345A4362D65A07944040EDC9E0FBE261AAA231F
sha3_384: 15e569a4f23ac7397673d67e5fda81f42c4c1ce86a17d634fdf145e8f4401a5ab05d5dfd32a4d654009c9818a26e0c10
ep_bytes: 5053b899040000b9984440008a1980eb
timestamp: 2007-07-24 01:52:49

Version Info:
0: [No Data]

Win32/Agent_AGen.CQD also known as:

Bkav	W32.AIDetectMalware
DrWeb	Trojan.PackedENT.124
MicroWorld-eScan	Trojan.Ransom.Poison.B
FireEye	Generic.mg.98c6b38a269c5269
CAT-QuickHeal	Trojan.Grandoreiro
Skyhigh	BehavesLike.Win32.Generic.lc
ALYac	Trojan.Ransom.Poison.B
Malwarebytes	Trojan.Downloader
Zillya	Trojan.AgentAGen.Win32.30446
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0059befd1 )
K7GW	Trojan ( 0059befd1 )
Cybereason	malicious.fb0112
BitDefenderTheta	Gen:NN.ZexaF.36608.amW@aKovO2i
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Agent_AGen.CQD
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:P2P-Worm.Win32.Convagent.gen
BitDefender	Trojan.Ransom.Poison.B
NANO-Antivirus	Trojan.Win32.VB.juiskq
Avast	Win32:Evo-gen [Trj]
Sophos	Mal/ExeSax-A
F-Secure	Trojan.TR/Crypt.ZPACK.Gen
VIPRE	Trojan.Ransom.Poison.B
TrendMicro	TROJ_GEN.R03BC0DLM23
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.Ransom.Poison.B (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan/Generic.bghcg
Avira	TR/Crypt.ZPACK.Gen
MAX	malware (ai score=88)
Antiy-AVL	GrayWare/Win32.Krap.cku
Xcitium	Heur.Packed.MultiPacked@1z141z3
Arcabit	Trojan.Ransom.Poison.B
ZoneAlarm	HEUR:P2P-Worm.Win32.Convagent.gen
GData	Trojan.Ransom.Poison.B
Google	Detected
AhnLab-V3	Trojan/Win.LJ.R535457
DeepInstinct	MALICIOUS
McAfee	GenericRXTL-LJ!98C6B38A269C
TACHYON	Worm/W32.Convagent.14336.DG
VBA32	Malware-Cryptor.General.3
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BC0DLM23
Tencent	Trojan.Win32.VB.kn
Ikarus	Trojan.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.C40A!tr
AVG	Win32:Evo-gen [Trj]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Agent_AGen.CQD?

Win32/Agent_AGen.CQD removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X