Win32/Spy.Agent.PTM (file analysis)

The Win32/Spy.Agent.PTM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Spy.Agent.PTM virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Spy.Agent.PTM?


File Info:
crc32: 8474ADB8
md5: ad1bf40823d0a5a80710772173ee3e23
name: pak444.exe
sha1: 22a55dc00d77e8f0d92e7299cd4781ff2154d1f8
sha256: a1ae27c556ffb43e4a6826db470a0f43b09055235e959c3bb144dff0ab7fca51
sha512: ebbb9d6316b2d36289b1a744bbb5ee85dc6e1c485c971eb0ae59ebea2d78efd9c408035d3b71f53c4960869685b59007ce7bc35fc7f5cb50f8f2f322914d251a
ssdeep: 24576:lQbuDLxqwhLb1XqwsklS7FWhPNW8C8h8M:QIxqwtJXqqA5gJJ8
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9Rickard Johansson.
InternalName: ManageabilityDescibed
FileVersion: 2.9.9.384
CompanyName: Rickard Johansson
FileDescription: Weblog Compilers
LegalTrademarks: Copyright xa9Rickard Johansson.
Comments: Weblog Compilers
ProductName: ManageabilityDescibed
ProductVersion: 2.9.9.384
PrivateBuild: 2.9.9.384
OriginalFilename: ManageabilityDescibed
Translation: 0x0409 0x04b0

Win32/Spy.Agent.PTM also known as:

MicroWorld-eScan	Trojan.GenericKD.41836636
FireEye	Generic.mg.ad1bf40823d0a5a8
CAT-QuickHeal	Trojanpws.Predator
McAfee	RDN/Generic PWS.vo
Malwarebytes	Spyware.PredatorTheThief
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Generic.4!c
Sangfor	Malware
K7AntiVirus	Spyware ( 005520611 )
BitDefender	Trojan.GenericKD.41836636
K7GW	Spyware ( 005520611 )
Cybereason	malicious.00d77e
TrendMicro	Mal_HPGen-37b
BitDefenderTheta	Gen:NN.ZexaF.33550.1y0@aOkH!!gi
F-Prot	W32/Kryptik.ABE.gen!Eldorado
Symantec	Trojan.Gen.2
ESET-NOD32	Win32/Spy.Agent.PTM
TrendMicro-HouseCall	Mal_HPGen-37b
Paloalto	generic.ml
ClamAV	Win.Trojan.Agent-7188594-0
GData	Trojan.GenericKD.41836636
Kaspersky	Trojan-PSW.Win32.Predator.cnx
Alibaba	TrojanPSW:Win32/Predator.95f94493
NANO-Antivirus	Trojan.Win32.Predator.gbjqvw
ViRobot	Trojan.Win32.Z.Predator.868352
Avast	Win32:Malware-gen
Rising	Spyware.Agent!8.C6 (TFE:5:ZZ88R1rnd8B)
Ad-Aware	Trojan.GenericKD.41836636
Sophos	Mal/Generic-S
Comodo	Malware@#3ulltpqea9e1d
F-Secure	Trojan.TR/Spy.Agent.zstoe
DrWeb	Trojan.PWS.Siggen2.32551
Zillya	Trojan.Agent.Win32.1157885
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Dropper.cc
SentinelOne	DFI – Malicious PE
Emsisoft	Trojan.GenericKD.41836636 (B)
APEX	Malicious
Cyren	W32/Kryptik.ABE.gen!Eldorado
Jiangmin	Trojan.PSW.Predator.sv
Webroot	W32.Malware.Gen
Avira	TR/Spy.Agent.zstoe
Antiy-AVL	Trojan[PSW]/Win32.Predator
Endgame	malicious (high confidence)
Arcabit	Trojan.Generic.D27E605C
AhnLab-V3	Trojan/Win32.MalPacked.R287551
ZoneAlarm	Trojan-PSW.Win32.Predator.cnx
Microsoft	Trojan:Win32/Occamy.C
TACHYON	Trojan/W32.Agent.868352.KL
Acronis	suspicious
VBA32	BScope.TrojanPSW.Predator
ALYac	Trojan.PSW.Predator
MAX	malware (ai score=83)
Cylance	Unsafe
Ikarus	Packed.Win32.Crypt
Fortinet	W32/Predator.CNX!tr.pws
AVG	Win32:Malware-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	HEUR/QVM10.2.327B.Malware.Gen

How to remove Win32/Spy.Agent.PTM?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/Spy.Agent.PTM (file analysis)