Win32/TrojanDownloader.Agent.BGS removal tips

The Win32/TrojanDownloader.Agent.BGS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/TrojanDownloader.Agent.BGS virus can do?

Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Attempts to repeatedly call a single API many times in order to delay analysis time
Attempts to modify proxy settings
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

d2.freep.cn

How to determine Win32/TrojanDownloader.Agent.BGS?


File Info:
crc32: 7F1C63DD
md5: b4e59d592c2caa9ac2a26263fd52ab47
name: B4E59D592C2CAA9AC2A26263FD52AB47.mlw
sha1: e0a1104b90346a4d56542b93ce4af149fb9f80f5
sha256: 46c1fbc9138979bd65d3d73a90d873d813c576b51c35cc51a1af61611486b618
sha512: e897203e31b9a88d048d237159d5d947e561a7f987426c5da34d1213912e330c2bfe8ea1de517ff6cff3eb1ff073d0290937ff38ac6cae143973305d298f6ceb
ssdeep: 384:acci66oe94o1IthUUlFq0c91s6y136dmlQ+kqE:acc0oe9UtC0c91Kjl+
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: x7248x6743x6240x6709(C) 2015
InternalName: DHLDAT
FileVersion: 1, 0, 0, 1
CompanyName: x5faex8f6fx4e2dx56fd
PrivateBuild: 
LegalTrademarks: 
Comments: 
ProductName: x5faex8f6fx4e2dx56fd DHLDAT
SpecialBuild: 
ProductVersion: 1, 0, 0, 1
FileDescription: DHLDAT
OriginalFilename: DHLDAT.dat
Translation: 0x0804 0x04b0

Win32/TrojanDownloader.Agent.BGS also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader18.63667
MicroWorld-eScan	Trojan.Cud.Gen.1
FireEye	Generic.mg.b4e59d592c2caa9a
CAT-QuickHeal	Trojan.Generic
McAfee	Trojan-FJYJ!B4E59D592C2C
Cylance	Unsafe
AegisLab	Trojan.Win32.Generic.lwox
Sangfor	Malware
CrowdStrike	win/malicious_confidence_80% (D)
BitDefender	Trojan.Cud.Gen.1
K7GW	Trojan-Downloader ( 005707ed1 )
K7AntiVirus	Trojan-Downloader ( 005707ed1 )
BitDefenderTheta	Gen:NN.ZexaF.34804.bq0@aqhCLEbb
Symantec	Downloader.Domar
APEX	Malicious
Avast	Win32:Dropper-OHP [Trj]
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Backdoor:Win32/Zlob.180910
Rising	Downloader.Farfli!8.2C32 (TFE:5:cYQskQxw6zD)
Ad-Aware	Trojan.Cud.Gen.1
Emsisoft	Trojan.Cud.Gen.1 (B)
Comodo	TrojWare.Win32.GameThief.Magania.~NWABI@1775fs
F-Secure	Trojan.TR/Downloader.Gen4
Baidu	Win32.Trojan-Downloader.Agent.cw
TrendMicro	BKDR_ZEGOST.SM17
McAfee-GW-Edition	Trojan-FJYJ!B4E59D592C2C
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE – Downloader
Jiangmin	Trojan/ServStart.el
eGambit	Unsafe.AI_Score_99%
Avira	TR/Downloader.Gen4
Antiy-AVL	Trojan/Win32.AGeneric
Microsoft	TrojanDownloader:Win32/Farfli.L!bit
Arcabit	Trojan.Cud.Gen.1
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Trojan.Cud.Gen.1
Cynet	Malicious (score: 90)
AhnLab-V3	Trojan/Win32.Agent.R150830
VBA32	suspected of Trojan.Downloader.gen.h
MAX	malware (ai score=81)
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent.BGS
TrendMicro-HouseCall	BKDR_ZEGOST.SM17
Tencent	Win32.Trojan-downloader.Agent.Phgf
Yandex	Trojan.GenAsa!VL1NOScDOaI
Fortinet	W32/Agent.BNA!tr
AVG	Win32:Dropper-OHP [Trj]
Qihoo-360	Trojan.Win32.Agent.GK

How to remove Win32/TrojanDownloader.Agent.BGS?

Win32/TrojanDownloader.Agent.BGS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/TrojanDownloader.Agent.BGS removal tips