Win32/TrojanDownloader.Agent.GFH removal guide

Win32/TrojanDownloader.Agent.GFH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Agent.GFH virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Win32/TrojanDownloader.Agent.GFH?


File Info:

name: BBBCD871613139B915D0.mlw
path: /opt/CAPEv2/storage/binaries/f295e5a5a37f135ada5151e77513f5b4550c0136d2f8ed8c71ac20e771724127
crc32: A349C73E
md5: bbbcd871613139b915d019539003ca07
sha1: 88e032423e0265e11c51ff4bd8b7819a81d975c3
sha256: f295e5a5a37f135ada5151e77513f5b4550c0136d2f8ed8c71ac20e771724127
sha512: 2402bdcf612bc61b455f1e45720c3d9351f082c3b6cc7af3148574962aead2b6e7d410d53d2ec5ff54e9b49421202ff60660b355269e9776dcfb13beb1480f52
ssdeep: 3072:YZHRmZB6fY+7ANTgFKqqEjk+OplZlSFpGemgokAnSt5/Zyt+2YjjPy:IHW0fYWAaQNmk+uLlS9zGY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12E349E2335E0C4BBC6A311714FD69BFFF2B6FD100F629A4327A09B2D6D3159286361A5
sha3_384: 8ccf52aaa18a2cd8521f4de018ee5b4359d1ce5d1f92af8d5051ce3dbb0e73317355f6cb6ee6f45942c721713372bea4
ep_bytes: 558bec6aff68209842006850d2400064
timestamp: 2022-05-04 07:35:11

Version Info:

CompanyName:
FileDescription: AA2 Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: AA2
LegalCopyright: 版权所有 (C) 2022
LegalTrademarks:
OriginalFilename: AA2.EXE
ProductName: AA2 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Win32/TrojanDownloader.Agent.GFH also known as:

Lionic: Trojan.Win32.Farfli.m!c
MicroWorld-eScan: Trojan.GenericKD.49355258
FireEye: Generic.mg.bbbcd871613139b9
McAfee: RDN/Generic Downloader.x
Cylance: Unsafe
Zillya: Downloader.Agent.Win32.470314
Sangfor: Downloader.Win32.Farfli.Vw3l
K7AntiVirus: Trojan-Downloader ( 005907be1 )
Alibaba: Backdoor:Win32/Farfli.a338687f
K7GW: Trojan-Downloader ( 005907be1 )
Cybereason: malicious.23e026
BitDefenderTheta: Gen:NN.ZexaF.34592.oq0@aOQF1sab
Cyren: W32/Kryptik.BWY.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.GFH
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Backdoor.Win32.Farfli.gen
BitDefender: Trojan.GenericKD.49355258
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10d07010
Ad-Aware: Trojan.GenericKD.49355258
TACHYON: Backdoor/W32.Farfli.233472.H
Sophos: Mal/Generic-S
Comodo: Malware@#t80gczdiu02u
VIPRE: Trojan.GenericKD.49355258
TrendMicro: TROJ_GEN.R002C0WFT22
McAfee-GW-Edition: RDN/Generic Downloader.x
Trapmine: suspicious.low.ml.score
Emsisoft: Trojan.GenericKD.49355258 (B)
Ikarus: Trojan-Downloader.Win32.Agent
GData: Trojan.GenericKD.49355258
Jiangmin: Backdoor.Farfli.gbo
Google: Detected
Avira: TR/Dldr.Agent.sbglj
Antiy-AVL: Trojan/Generic.ASMalwS.26E9
Microsoft: Trojan:Win32/Zbot!mclg
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.C5132972
VBA32: suspected of Trojan.Downloader.gen
ALYac: Trojan.GenericKD.49355258
MAX: malware (ai score=82)
Malwarebytes: Backdoor.Farfli
TrendMicro-HouseCall: TROJ_GEN.R002C0WFT22
Rising: Backdoor.Farfli!8.B4 (CLOUD)
Yandex: Trojan.DL.Agent!3hUDpRaqX40
MaxSecure: Trojan.Malware.73947863.susgen
Fortinet: W32/Agent.GFH!tr.dldr
AVG: Win32:Malware-gen
Panda: Trj/Chgt.AA
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.Agent.GFH?

Win32/TrojanDownloader.Agent.GFH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.