How to remove “IL:Trojan.MSILZilla.81985”?

The IL:Trojan.MSILZilla.81985 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.81985 virus can do?

Authenticode signature is invalid

How to determine IL:Trojan.MSILZilla.81985?


File Info:
name: 89E536968CC0866DE0DE.mlw
path: /opt/CAPEv2/storage/binaries/3711fafbf2ef64251e23d7b2d69e8c3ef5398a4be65965a8bfa2e0af0ac6dd78
crc32: 9BCDF25B
md5: 89e536968cc0866de0de4a020f8a2ac4
sha1: 1ccfe55d26ff3789d1e303c98b8dfb2434b7afd7
sha256: 3711fafbf2ef64251e23d7b2d69e8c3ef5398a4be65965a8bfa2e0af0ac6dd78
sha512: 55d00da24a53aee646901761151f3d63cdf9fdeb095c3731cc36563fa02af2f9317467f42135b94303d601a01450100f04122bd9635153c35cc7484c82af6ebd
ssdeep: 3072:reUSRy8VG9BkSidb9a96lRa4KPROsOPwg8:S/IQdb9aMlJKIsm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16CC36C3D6B8F4FE1D98C837640CB90940AB1E207DB33E609698583B91D12A7FDE257D6
sha3_384: dbc7aaa4b05a52f553bbaf3e5e32b8e97e8fac4426d9a3ff3e020c19a5b00a4c3df428ee3fa96533604df270cee936e9
ep_bytes: ff250020400000000000000000000000
timestamp: 2024-02-23 02:34:18

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 1.0.0.0
InternalName: XClient.exe
LegalCopyright:  
OriginalFilename: XClient.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

IL:Trojan.MSILZilla.81985 also known as:

Bkav	W32.AIDetectMalware.CS
Elastic	malicious (high confidence)
MicroWorld-eScan	IL:Trojan.MSILZilla.81985
Skyhigh	BehavesLike.Win32.Generic.ch
Cylance	unsafe
Sangfor	Virus.Win32.Save.a
K7AntiVirus	Trojan ( 00592e8b1 )
K7GW	Trojan ( 00592e8b1 )
Cybereason	malicious.d26ff3
VirIT	Trojan.Win32.MSIL_Heur.B
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of MSIL/Agent.DWN
APEX	Malicious
BitDefender	IL:Trojan.MSILZilla.81985
Avast	Win32:MalwareX-gen [Trj]
Emsisoft	IL:Trojan.MSILZilla.81985 (B)
F-Secure	Trojan.TR/ATRAPS.Gen
DrWeb	BackDoor.SiggenNET.71
VIPRE	IL:Trojan.MSILZilla.81985
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.89e536968cc0866d
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.MSIL.Bladabindi
Google	Detected
Avira	TR/ATRAPS.Gen
Microsoft	Trojan:MSIL/AsyncRAT!atmn
Arcabit	IL:Trojan.MSILZilla.D14041
GData	IL:Trojan.MSILZilla.81985
AhnLab-V3	Trojan/Win.Generic.C5418816
VBA32	Malware-Cryptor.MSIL.AgentTesla.Heur
ALYac	IL:Trojan.MSILZilla.81985
MAX	malware (ai score=87)
Malwarebytes	Backdoor.XWorm
Rising	Trojan.Bladabindi!8.C7 (TFE:dGZlOg0IwvzWOlxFmA)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.DWN!tr
BitDefenderTheta	Gen:NN.ZemsilF.36744.hm0@aqFiwqj
AVG	Win32:MalwareX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove IL:Trojan.MSILZilla.81985?

IL:Trojan.MSILZilla.81985 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X