Should I remove “MSIL/Agent.DSX”?

The MSIL/Agent.DSX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Agent.DSX virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSIL/Agent.DSX?


File Info:
name: C915EA71FF4831AFC238.mlw
path: /opt/CAPEv2/storage/binaries/3168a1b042c23c7c2f2bf550dd111cce02fb13e47acb30249338421bd39aec28
crc32: 58109B16
md5: c915ea71ff4831afc238d97d8e8afe70
sha1: a0bbe8395ee20a3e925b153827357b56e654828f
sha256: 3168a1b042c23c7c2f2bf550dd111cce02fb13e47acb30249338421bd39aec28
sha512: c056f1298751d2fa5854412745a860c915644d254c456829445a2cb5a62905bcd5e9f311a56793e2ee16d0db112bba94a7d87eed03d7ee9c5482d25dd5511329
ssdeep: 768:3sbKd4Ncgyk+11MtcF0ZFOlDy/Iuic+Fca4lKcTacjc3cOc5cNJcwXwoVecjcecN:3sbotD92
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17C332B107DD610EEF37747B127DDBDFF0596F1F92A1E62B82022A6844B61AD4C862B34
sha3_384: 0056a858025ab9db82b15c41806ac40a4589d93268a5ee2a2fbe5bed3302aec1b898a46fd9930a6390b843bc8ae50153
ep_bytes: ff250020400000000000000000000000
timestamp: 2096-12-27 15:09:32

Version Info:
Translation: 0x0000 0x04b0
Comments: Host Process for Windows Services
CompanyName: 
FileDescription: 
FileVersion: 1.0.0.0
InternalName: Main.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: 
OriginalFilename: Main.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Agent.DSX also known as:

Lionic	Trojan.MSIL.Fsysna.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.48237793
FireEye	Generic.mg.c915ea71ff4831af
ALYac	Trojan.GenericKD.48237793
Cylance	Unsafe
Sangfor	Trojan.MSIL.Fsysna.gen
Cybereason	malicious.95ee20
BitDefenderTheta	Gen:NN.ZemsilF.34212.dm0@a0E1guc
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Agent.DSX
TrendMicro-HouseCall	TROJ_GEN.R002H0CB522
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Fsysna.gen
BitDefender	Trojan.GenericKD.48237793
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Trojan.GenericKD.48237793
Emsisoft	Trojan.GenericKD.48237793 (B)
McAfee-GW-Edition	RDN/Generic.hbg
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Agent
GData	Trojan.GenericKD.48237793
Avira	HEUR/AGEN.1203253
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Trojan-gen.C4956743
McAfee	RDN/Generic.hbg
MAX	malware (ai score=82)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.PowerShell
APEX	Malicious
SentinelOne	Static AI – Malicious PE
Fortinet	PossibleThreat.MTG.H
AVG	Win32:MalwareX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove MSIL/Agent.DSX?

MSIL/Agent.DSX removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X