Trojan.AutoIt.Agent Removal Report

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Panda	Trj/CI.A
AVG	Generic6_c.BUMR
Fortinet	W32/Grp.GA!tr
Ikarus	Win32.AutoIt
AhnLab-V3	Backdoor/Win32.ZAccess
Microsoft	TrojanDownloader:AutoIt/Agent.J
AntiVir	TR/Agent.281211
DrWeb	Trojan.DownLoader5.42373
Comodo	UnclassifiedMalware
Sophos	Mal/Generic-L
Kaspersky	Backdoor.Win32.ZAccess.zii
Avast	Win32:AutoIt-ALZ [Trj]
Symantec	WS.Reputation.1
K7AntiVirus	Riskware
McAfee	Generic.grp!ga

SpyHunter Detects & Remove Trojan.AutoIt.Agent

File System Details

Trojan.AutoIt.Agent may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	helper.exe	d153209ef11ad69f868ca810e9bbc99b	772
Name: helper.exe MD5: d153209ef11ad69f868ca810e9bbc99b Size: 6.97 MB (6979584 bytes) Detections: 772 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\microsoft\windows Group: Malware file Last Updated: April 23, 2020
2.	ythgrfed.exe	3ba321ee9799577ab20f40743f90421a	258
Name: ythgrfed.exe MD5: 3ba321ee9799577ab20f40743f90421a Size: 19.12 MB (19128320 bytes) Detections: 258 Type: Executable File Path: C:\Users\<username>\AppData\Roaming Group: Malware file Last Updated: August 22, 2021
3.	update.exe	6990ca67da0cea7582fa7c3d93724963	92
Name: update.exe MD5: 6990ca67da0cea7582fa7c3d93724963 Size: 12.55 MB (12556288 bytes) Detections: 92 Type: Executable File Path: C:\ProgramData\Setup Group: Malware file Last Updated: April 5, 2024
4.	temp5.exe	5e25abc3a3ad181d2213e47fa36c4a37	66
Name: temp5.exe MD5: 5e25abc3a3ad181d2213e47fa36c4a37 Size: 11.13 MB (11139072 bytes) Detections: 66 Type: Executable File Path: C:\ProgramData Group: Malware file Last Updated: February 6, 2023
5.	helper.exe	66a55f9baf27d573e0b4116b4d552380	42
Name: helper.exe MD5: 66a55f9baf27d573e0b4116b4d552380 Size: 7.58 MB (7586816 bytes) Detections: 42 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\microsoft\windows Group: Malware file Last Updated: April 2, 2020
6.	dpnlobby.exe	8d0a7ac3647224c6c882e164a578c17d	29
Name: dpnlobby.exe MD5: 8d0a7ac3647224c6c882e164a578c17d Size: 2.62 MB (2622976 bytes) Detections: 29 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\x86_microsoft-windows-ie-imagesupport\dpnlobby.exe Group: Malware file Last Updated: August 5, 2020
7.	SoftwareUpdaterService.exe	ce4c37b485f6c2a463e70348fbb5575f	24
Name: SoftwareUpdaterService.exe MD5: ce4c37b485f6c2a463e70348fbb5575f Size: 704.43 KB (704437 bytes) Detections: 24 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: May 12, 2020
8.	2 Stefanie Y C R.exe.vir	866cbcecf93ef70863af7cc8495f4031	18
Name: 2 Stefanie Y C R.exe.vir MD5: 866cbcecf93ef70863af7cc8495f4031 Size: 1.55 MB (1550848 bytes) Detections: 18 Path: C:\Program Files (x86)\UsbFix\Quarantine\F\Fotos\2 Stefanie Y C R.exe.vir Group: Malware file Last Updated: September 16, 2022
9.	Windows.Shell.Search.UriHandler.exe	d8e82701d83d054c0eb90c34ea8b319d	14
Name: Windows.Shell.Search.UriHandler.exe MD5: d8e82701d83d054c0eb90c34ea8b319d Size: 1.88 MB (1888256 bytes) Detections: 14 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\wow64_microsoft-windows-mfaacenc Group: Malware file Last Updated: August 4, 2020
10.	afd519f0a8b99b9c3ea46000ec8699b11284eef09727ee668a4efde8ba25ffca	54b97b5e2b29aee504559abc6aa0ed70	13
Name: afd519f0a8b99b9c3ea46000ec8699b11284eef09727ee668a4efde8ba25ffca MD5: 54b97b5e2b29aee504559abc6aa0ed70 Size: 742.4 KB (742400 bytes) Detections: 13 Path: %SYSTEMDRIVE%\Users\<username>\Desktop\5557028791025664\afd519f0a8b99b9c3ea46000ec8699b11284eef09727ee668a4efde8ba25ffca Group: Malware file Last Updated: August 19, 2020
11.	app.exe	bf2aa49a532f3a01ff926884bdcbb1eb	13
Name: app.exe MD5: bf2aa49a532f3a01ff926884bdcbb1eb Size: 669.69 KB (669696 bytes) Detections: 13 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\User\app.exe Group: Malware file Last Updated: October 16, 2021
12.	service2.exe	e8b4c4df28c72f033a5a8e39c98f3064	12
Name: service2.exe MD5: e8b4c4df28c72f033a5a8e39c98f3064 Size: 2.54 MB (2546688 bytes) Detections: 12 Type: Executable File Path: %COMMONPROGRAMFILES(x86)%\rundll Group: Malware file Last Updated: April 17, 2020
13.	90b0abb7b61c8ee659bc4d1c863f9e2b42213632	bc7eec8a90f799f80dda8177f2abb3a2	10
Name: 90b0abb7b61c8ee659bc4d1c863f9e2b42213632 MD5: bc7eec8a90f799f80dda8177f2abb3a2 Size: 966.75 KB (966757 bytes) Detections: 10 Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\Apple Computer\MobileSync\Backup\b52f312198de5c4dde213670227f41b5e16a42db-20181122-032541\90\90b0abb7b61c8ee659bc4d1c863f9e2b42213632 Group: Malware file Last Updated: May 4, 2021
14.	app.exe	19b9974723cab005e3775bd8ba7c2cbe	10
Name: app.exe MD5: 19b9974723cab005e3775bd8ba7c2cbe Size: 659.45 KB (659456 bytes) Detections: 10 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Geominco\app.exe Group: Malware file Last Updated: September 15, 2021
15.	initsrv.exe	d249778acb9923f3bf6adf075a8778de	8
Name: initsrv.exe MD5: d249778acb9923f3bf6adf075a8778de Size: 483.42 KB (483425 bytes) Detections: 8 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\initsrv.exe Group: Malware file Last Updated: June 27, 2020
16.	system.pifx	c68c74df81edfea4c3ceb9861b5d69e9	8
Name: system.pifx MD5: c68c74df81edfea4c3ceb9861b5d69e9 Size: 774.14 KB (774144 bytes) Detections: 8 Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: October 22, 2021
17.	wdc.exe	ea465f0ce93c67dd6e083fbd79d03d17	7
Name: wdc.exe MD5: ea465f0ce93c67dd6e083fbd79d03d17 Size: 3.63 MB (3636736 bytes) Detections: 7 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\amd64_mdmgl008.inf\wdc.exe Group: Malware file Last Updated: July 1, 2021
18.	shtsenv.exe	f8438b55ff1d37ea940bfdf19dad99da	6
Name: shtsenv.exe MD5: f8438b55ff1d37ea940bfdf19dad99da Size: 1.04 MB (1044992 bytes) Detections: 6 Type: Executable File Path: c:\windows Group: Malware file Last Updated: February 8, 2020
19.	assets .exe	1e4feeeb8674a01df333c9cb6f858ae8	5
Name: assets .exe MD5: 1e4feeeb8674a01df333c9cb6f858ae8 Size: 617.47 KB (617472 bytes) Detections: 5 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\minecrak\assets\assets .exe Group: Malware file Last Updated: January 29, 2021
20.	qxgMPdgN8RB2.exe#338d2c2a	7bb1ba7cfadbc02522b1113f488f9e3a	5
Name: qxgMPdgN8RB2.exe#338d2c2a MD5: 7bb1ba7cfadbc02522b1113f488f9e3a Size: 985.6 KB (985600 bytes) Detections: 5 Path: C:\Users\<username>\AppData\Roaming\MajorAV\Quarantine\2020-08-190805\qxgMPdgN8RB2.exe#338d2c2a Group: Malware file Last Updated: April 10, 2021
21.	Activation.exe	fdf2edc611c6a1b0d14290cb75326763	4
Name: Activation.exe MD5: fdf2edc611c6a1b0d14290cb75326763 Size: 1.09 MB (1098752 bytes) Detections: 4 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: January 31, 2020
22.	steam key generator.exe	3313ab2e6adab202c44a2354374a43aa	4
Name: steam key generator.exe MD5: 3313ab2e6adab202c44a2354374a43aa Size: 12.11 MB (12117504 bytes) Detections: 4 Type: Executable File Path: c:\Users\<username>\appdata\local\temp\rar$exa0.790\steam key generator Group: Malware file Last Updated: September 10, 2020
23.	adobeart.exe	bdf282bbd43e8de3654a440255da1632	4
Name: adobeart.exe MD5: bdf282bbd43e8de3654a440255da1632 Size: 1.9 MB (1907028 bytes) Detections: 4 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming Group: Malware file Last Updated: September 28, 2020
24.	csrss.exe	385c0e62425caba1cda72dbac1e8b318	3
Name: csrss.exe MD5: 385c0e62425caba1cda72dbac1e8b318 Size: 938.77 KB (938775 bytes) Detections: 3 Type: Executable File Path: C:\Windows\SysWOW64\realtek Group: Malware file Last Updated: August 19, 2020
25.	unp2451684.tmp	0af565985c8d1e27b520af2122489a75	2
Name: unp2451684.tmp MD5: 0af565985c8d1e27b520af2122489a75 Size: 2.14 MB (2149376 bytes) Detections: 2 Type: Temporary File Path: c:\windows\temp\_avg_ Group: Malware file Last Updated: September 2, 2020

More files

Registry Details

Trojan.AutoIt.Agent may create the following registry entry or registry entries:

File name without path

! My Image.scr

tmpe0d.tmp.google.exe

Regexp file mask

%APPDATA%\cmitros.exe

%APPDATA%\install\win32.exe

%APPDATA%\keep.exe

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\20109297886[NUMBERS].exe

%appdata%\microsoft\windows\start menu\programs\startup\autoupdatedl.exe

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\cmitros.exe

%APPDATA%\regsvr.exe

%HOMEDRIVE%\Google\EXLE.exe

%HOMEDRIVE%\googlechrome\googlechrome.a3x

%HOMEDRIVE%\googlechrome\googlechrome.exe

%HOMEDRIVE%\googlechrome\googlechrome.lnk

%HOMEDRIVE%\googlechrome\GoogleUpdate.lnk

%HOMEDRIVE%\googlechrome\WindowsUpdate.lnk

%HOMEDRIVE%\mozillafirefox\googlechrome.exe

%LOCALAPPDATA%\start\update.exe

%temp%\file.exe

%WINDIR%\svhost.exe

%WINDIR%\system32\install\win32.exe

%WINDIR%\SysWOW64\install\win32.exe

Directories

Trojan.AutoIt.Agent may create the following directory or directories:

%APPDATA%\Windata

%APPDATA%\lazagne

%USERPROFILE%\LegacyNetUXHost

%WINDIR%\cidd_p

Ranking:	1,295
Threat Level:	80 % (High)
Infected Computers:	89,170

First Seen:	December 11, 2012
Last Seen:	April 9, 2024
OS(es) Affected:	Windows

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan.AutoIt.Agent

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Trojan.AutoIt.Agent

File System Details

Registry Details

Directories

Submit Comment

Trending

WinUpdatesDisabler Ransomware

Cbusy Scam

Bawelteey.com

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?