MSILPerseus.186546 removal guide

The MSILPerseus.186546 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSILPerseus.186546 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
.NET file is packed/obfuscated with Confuser
Authenticode signature is invalid
Unusual version info supplied for binary

How to determine MSILPerseus.186546?


File Info:
name: B90717806FC430D919A3.mlw
path: /opt/CAPEv2/storage/binaries/9dbc5c0d3dd5b0d78e63cbe5691b450ded90806537a70a6784224bd52d95b32b
crc32: 99749716
md5: b90717806fc430d919a30a81efa02af8
sha1: 8f37c00671ea5ca5ad36267e30313167beeaadf5
sha256: 9dbc5c0d3dd5b0d78e63cbe5691b450ded90806537a70a6784224bd52d95b32b
sha512: 4483dee396d1519d1d5216b379e4ad622ab8b269efabe8e5626df7b276d1214b70b11a384b6047efbc81a7024211fa5fe9c8cddfe2a78382720ad230cbbdd2de
ssdeep: 6144:hLqSoH5aNl4bQgEtnP7vGFrpZmgTvW414bTe7kkpvlw+m+ZE/AJZ:hL4ZXbm5jorpZvTvW414bTWkkpvlw+mg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T112341F9D765072DFC857C872DEA81C64EA6078BB530F9203A46726ED9E0D99BCF140F2
sha3_384: 96008820ff9f47e858243c8c4d139fda7f900d9ab4b4a24c8f33c21faceaa5b1c3f6cfa6067a7b5beac425bd5a202b8d
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-05-09 20:31:46

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 
FileVersion: 1.0.0.0
InternalName: Loader.exe
LegalCopyright: Copyright © Microsoft 2015
LegalTrademarks: 
OriginalFilename: Loader.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.186546 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.MSILPerseus.186546
FireEye	Generic.mg.b90717806fc430d9
ALYac	Gen:Variant.MSILPerseus.186546
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZemsilF.34182.om0@aWOZhyo
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/DllInject.ACJ potentially unsafe
BitDefender	Gen:Variant.MSILPerseus.186546
NANO-Antivirus	Trojan.Win32.Fuery.epafgk
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan.Fuery.Pdvr
Ad-Aware	Gen:Variant.MSILPerseus.186546
Emsisoft	Gen:Variant.MSILPerseus.186546 (B)
Comodo	Malware@#120bo3m5o0mqu
F-Secure	Trojan.TR/Fuery.toinw
Zillya	Trojan.GenericKD.Win32.48594
McAfee-GW-Edition	Artemis!Trojan
Sophos	Generic PUA IP (PUA)
APEX	Malicious
GData	Gen:Variant.MSILPerseus.186546
Webroot	W32.Trojan.Gen
Avira	TR/Fuery.toinw
MAX	malware (ai score=83)
Arcabit	Trojan.MSILPerseus.D2D8B2
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
McAfee	Artemis!B90717806FC4
Malwarebytes	Generic.Malware/Suspicious
Rising	Trojan.Generic/MSIL@AI.94 (RDM.MSIL:xofYDHD6n75i7FIUQK5uKQ)
Yandex	Riskware.Agent!Hu+hhVoSA+U
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
AVG	Win32:Trojan-gen
Cybereason	malicious.06fc43
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove MSILPerseus.186546?

MSILPerseus.186546 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X