WinGo/Agent.HT removal tips

The WinGo/Agent.HT is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What WinGo/Agent.HT virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine WinGo/Agent.HT?


File Info:
name: 1CD62D495C282C3D6299.mlw
path: /opt/CAPEv2/storage/binaries/f0a1fe40667764f68ea1a3cbbf9210659381d27c72b55111bcfd965b0f7f9011
crc32: 3A3BD47E
md5: 1cd62d495c282c3d62994bfce93b501c
sha1: 96fb7d9f2d3947e4dd2a51537d8940fcc73a8671
sha256: f0a1fe40667764f68ea1a3cbbf9210659381d27c72b55111bcfd965b0f7f9011
sha512: 983332e892200b146d548757dee996e9586856d8cf7e3d2280d0c5ce819547404f1502d343ed80ce44616bd328d919094279ee90f6a80fc6f87fe423d0d91a9c
ssdeep: 98304:5IeRTbUUBy2jZ1mgYgQnM3fTg4tjfMpjBo0hEreXTaFu1/Kqhy5DXLOwGkFCE:51BbUyDmNSjtjgpE6Z1rwo5E
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14E660162FC9744B1EA12D1320997D29FE3217D061F358B87E650BF3BADB25A00D3E265
sha3_384: 5aed89a3b8333646d32206974896ef638be59e3bf0c91bcf0b6ac343ba1193353c774dde0166e3ab29c4852a77ad59d5
ep_bytes: e97bddffffcccccccccccccccccccccc
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

WinGo/Agent.HT also known as:

Bkav	W32.AIDetect.malware2
MicroWorld-eScan	Trojan.GenericKD.63452378
FireEye	Generic.mg.1cd62d495c282c3d
McAfee	Artemis!1CD62D495C28
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005957171 )
Alibaba	Trojan:Win32/PackBackdoor.97982801
Cybereason	malicious.f2d394
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of WinGo/Agent.HT
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	VHO:Trojan-PSW.Win32.Convagent.gen
BitDefender	Trojan.GenericKD.63452378
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Trojan.GenericKD.63452378
DrWeb	Trojan.Siggen19.3524
TrendMicro	TrojanSpy.Win32.REDLINE.YXCKGZ
McAfee-GW-Edition	BehavesLike.Win32.PUPXRW.vc
Trapmine	suspicious.low.ml.score
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan-Stealer.Cordimik.85F3H9@gen
Avira	TR/Crypt.XPACK.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Trojan-gen.C5243711
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34754.@BW@aGawhvk
MAX	malware (ai score=84)
Malwarebytes	Malware.AI.3239701656
TrendMicro-HouseCall	TrojanSpy.Win32.REDLINE.YXCKGZ
Rising	Trojan.Generic@AI.100 (RDML:OCOVIE8XvIcp+iE5Qey9NQ)
Ikarus	Win32.Outbreak
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.HT!tr
AVG	Win32:TrojanX-gen [Trj]

How to remove WinGo/Agent.HT?

WinGo/Agent.HT removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X