RiskWare.Agent.EY removal tips

RiskWare.Agent.EY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the RiskWare.Agent.EY virus do?

  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify RiskWare.Agent.EY?

File Info:

crc32: 4EB37651
md5: 259f9785e009327aeeb7ec78cd76a6ce
name: 259F9785E009327AEEB7EC78CD76A6CE.mlw
sha1: 9c35e1ceeef8dc5ebad90b6834e9c86030d95b89
sha256: 71c8078f354975ee3852a9e60c5a9b2b04aa1a9d81fda2c12c7a1236d1134bfe
sha512: 3e1c34416b812d1218beec2a9c23d51c84235cc52ac98f9ad8ff6fc718d7d9dd4ec5e7d25469223e6af50a455b7f178afa7f0618e371f1c4c6a89b2d99f87633
ssdeep: 12288:KsgWBeVXws+hShaO06ALkDj/6p46NRWpLyycdenfRL8BGDh7nMYRTQ0aHa:Kye2s++rIIDj/SLN8NHpoBGlonZ6
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: 作者版权所有 请尊重并使用正版
FileVersion: 1.0.0.0
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
ProductName: 易语言程序
ProductVersion: 1.0.0.0
FileDescription: 易语言程序
Translation: 0x0804 0x04b0

RiskWare.Agent.EY also known as:

FireEye: Generic.mg.259f9785e009327a
McAfee: Generic.gn
Cylance: Unsafe
AegisLab: Trojan.Multi.Generic.lpZC
K7GW: Adware ( 0050718d1 )
K7AntiVirus: Adware ( 0050718d1 )
Invincea: heuristic
TrendMicro-HouseCall: TROJ_GEN.R014H06E619
GData: Win32.Application.PUPStudio.A
SUPERAntiSpyware: Trojan.Agent/Gen-OnlineGames
Endgame: malicious (moderate confidence)
McAfee-GW-Edition: BehavesLike.Win32.Flyagent.jc
Antiy-AVL: GrayWare/Win32.FlyStudio.a
Acronis: suspicious
VBA32: BScope.Trojan.MulDrop
Malwarebytes: RiskWare.Agent.EY
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_95%
Fortinet: Riskware/Application
CrowdStrike: win/malicious_confidence_90% (D)

How to remove RiskWare.Agent.EY?

RiskWare.Agent.EY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
