Troj/Agent-AYVV malicious file

The Troj/Agent-AYVV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Troj/Agent-AYVV virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Troj/Agent-AYVV?


File Info:
name: B0FF9E0E9762594CDDAF.mlw
path: /opt/CAPEv2/storage/binaries/8ae125d73b7cad47b37e8ccac701a94effa9f614c962fe6e2f9c302ec9a7db31
crc32: 6C3196B7
md5: b0ff9e0e9762594cddaf8ccb8fc9caca
sha1: b3cdd32fe0f9b316d05f5698e843a226dc3a81ec
sha256: 8ae125d73b7cad47b37e8ccac701a94effa9f614c962fe6e2f9c302ec9a7db31
sha512: 1f8926039323db3cba407037bf7812d94c3b97b29b0110f93096eea35e291b47519f832e391856b22c0199624b1dabbaf695bdcf9ef04782c91f14a0cedafa5e
ssdeep: 12288:fFt1+YJ2VYMHq8GhDFQGFNrIyUNWPuLjZpzbf3yD8JCjpB:fFt1LuqJhDqGFeyUQPurCD8JCjr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B7158E13B6A291F5C104057019BF7737EA759B4A0A35CBC7A398DD2C7E332A0B626379
sha3_384: d3d4a23f2749a5b37b679951b4dd9c972806248dbbae1e0691cf7a1186a8043c0a063a1e519137336c066c2d067dbb3c
ep_bytes: 558bec6aff68c08a4b0068e430450064
timestamp: 2010-08-05 03:26:14

Version Info:
Comments: ipsee46920
CompanyName: ipsee46920
FileDescription: ipsee46920
FileVersion: 1,0,0,0
ÃùÐ»: ´óÓÐÎâÌÎÒ×ÓïÑÔÈí¼þ¿ª·¢ÓÐÏÞ¹«Ë¾
±à³ÌÓïÑÔ: 12ÕýÊ½ÆóÒµ°æ
Translation: 0x0804 0x04b0

Troj/Agent-AYVV also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.lx2b
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.74353
ClamAV	Win.Malware.Ursu-6804445-0
FireEye	Trojan.GenericKDZ.74353
CAT-QuickHeal	Trojan.Mauvaise.SL1
McAfee	Packed-FEK
Cylance	unsafe
Zillya	Trojan.Genome.Win32.253016
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Trojan:Win32/Dynamer.1034
K7GW	Trojan ( 005246d51 )
K7AntiVirus	Trojan ( 005246d51 )
VirIT	Trojan.Win32.OLG.CEKH
Cyren	W32/S-47c1ea66!Eldorado
Symantec	SMG.Heur!gen
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Trojan.GenericKDZ.74353
Tencent	Trojan-PSW.Win32.Agent.ka
TACHYON	Trojan/W32.Agent.888832.KI
Sophos	Troj/Agent-AYVV
F-Secure	Trojan:W32/DelfInject.R
DrWeb	Trojan.DownLoad4.7570
VIPRE	Trojan.GenericKDZ.74353
TrendMicro	TROJ_DYNAMER_FI08029A.UVPM
McAfee-GW-Edition	BehavesLike.Win32.Generic.ch
Emsisoft	Trojan.GenericKDZ.74353 (B)
SentinelOne	Static AI – Malicious PE
GData	Win32.Trojan.PSE.1THOGOA
Jiangmin	Hoax.Agent.adv
Antiy-AVL	Trojan/Win32.Genome
Xcitium	Worm.Win32.Dropper.RA@1qraug
Arcabit	Trojan.Generic.D12271
Microsoft	Trojan:Win32/SystemBC.psyI!MTB
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.R262331
Acronis	suspicious
ALYac	Trojan.GenericKDZ.74353
MAX	malware (ai score=87)
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_DYNAMER_FI08029A.UVPM
Rising	Trojan.SystemBC!8.16BC0 (C64:YzY0OgNc+3ttpOq8)
Ikarus	Trojan.Win32.Agent
Fortinet	W32/GenericKDZ.74353!dam
DeepInstinct	MALICIOUS

How to remove Troj/Agent-AYVV?

Troj/Agent-AYVV removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X