MSIL/Agent.UWV information

The MSIL/Agent.UWV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Agent.UWV virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics
Anomalous binary characteristics

How to determine MSIL/Agent.UWV?


File Info:
name: 9DB47379C293307FB6DE.mlw
path: /opt/CAPEv2/storage/binaries/ee880b672c2549c1cbf77a73201a2343c73d895d99a5285dc516db181780d592
crc32: 7F7BFEFB
md5: 9db47379c293307fb6de5c269f467de7
sha1: e1394ec024699e2f8596f518027013d68faf4a2a
sha256: ee880b672c2549c1cbf77a73201a2343c73d895d99a5285dc516db181780d592
sha512: 8c855d047b65b5f98abc6ab230ed88f9f3f24b5ebe38317a402b271e902f192a411302dbd9b21082b26e795f58d805bd7d2479a1a320fa6dbce6042a5904b0cd
ssdeep: 96:Z9b9USs39Vjlv3AsrrnjdmPgCZlm/79Ccf9xDgSB4QJ6DZqa8uIfPsAaG3aLlYR:Z9bHs39ltTyZwD9CcfLVB4QJEq9TaY
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1FAF1A211F7F88158F6EE4B3869F31321067AFA971A22C75F5884411C6D716868BA1FF2
sha3_384: 0e7d340bf491a48811ed7cac202b3720b986af623884fa74065dc726ac0c580975b43047d644642a7e80fdf46a6f3108
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-03 06:26:38

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: VulturiBuilder-uninstaller.exe
LegalCopyright:  
OriginalFilename: VulturiBuilder-uninstaller.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/Agent.UWV also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.38191666
FireEye	Generic.mg.9db47379c293307f
ALYac	Trojan.GenericKD.38191666
K7AntiVirus	Trojan ( 005898be1 )
Alibaba	Trojan:MSIL/MalwareX.d26e602d
K7GW	Trojan ( 005898be1 )
CrowdStrike	win/malicious_confidence_80% (W)
Cyren	W64/MSIL_Troj.BCG.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/Agent.UWV
TrendMicro-HouseCall	TROJ_GEN.R002H0CL421
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
BitDefender	Trojan.GenericKD.38191666
Avast	Win64:MalwareX-gen [Trj]
Tencent	Trojan.Win64.BitCoinMiner.16000099
Ad-Aware	Trojan.GenericKD.38191666
Emsisoft	Trojan.GenericKD.38191666 (B)
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S
APEX	Malicious
eGambit	Unsafe.AI_Score_99%
Avira	HEUR/AGEN.1143071
Gridinsoft	Ransom.Win64.Sabsik.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Trojan.GenericKD.38191666
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4775283
McAfee	Artemis!9DB47379C293
MAX	malware (ai score=84)
Cylance	Unsafe
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.UQS!tr
AVG	Win64:MalwareX-gen [Trj]

How to remove MSIL/Agent.UWV?

MSIL/Agent.UWV removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X