MSIL/Autorun.Agent.ET information

MSIL/Autorun.Agent.ET is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Autorun.Agent.ET virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the Paradox malware family

How to identify MSIL/Autorun.Agent.ET?


File Info:

name: 855B92444BBF18CA66CC.mlw
path: /opt/CAPEv2/storage/binaries/ab597217aa81699cd00d79ce8c1dccfe992d046a8505882c6d35318b2cc95f11
crc32: 783DB63F
md5: 855b92444bbf18ca66ccd52737efa734
sha1: 58c1944684f5be657108bcda5b0f52b5a45e2d2d
sha256: ab597217aa81699cd00d79ce8c1dccfe992d046a8505882c6d35318b2cc95f11
sha512: 6817d2048543ea22bf7d4f85b3d9eef8db7741e8048e2cacb5783272fc2397fc8661b5078c9bf9231998814cd5ca4131cdb9131e517ff301ebb8b6c078223bb9
ssdeep: 3072:01ENY7DQQ+iduqU/uQGDR5Sp4Wd0wUmmQQpCIb+:Mf/+Dt/uQr41wUF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T181C3A30C33807B16EDBD5AB90565E2215AFEEC33D622EF0D2DDA70DC067B3918A51B52
sha3_384: a44a15118a77347d6cadb3cf66748c6ba59056a896b81a11349f64a925c200d0cc227aa539e03ac0b57b323080974f83
ep_bytes: ff250020400000000000000000000000
timestamp: 2011-12-12 05:00:50

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 1.0.0.0
InternalName: ParadoxRAT Client.exe
LegalCopyright: Copyright © 2011
OriginalFilename: ParadoxRAT Client.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Autorun.Agent.ET is also known as:

AVG: MSIL:AutoRun-N [Wrm]
Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILMamut.52754
FireEye: Generic.mg.855b92444bbf18ca
McAfee: GenericRXIF-UZ!855B92444BBF
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
Cybereason: malicious.44bbf1
ESET-NOD32: a variant of MSIL/Autorun.Agent.ET
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: IL:Trojan.MSILMamut.52754
NANO-Antivirus: Trojan.Win32.MSILBV.dkgdmb
SUPERAntiSpyware: Trojan.Agent/Gen-AutoRun
Avast: MSIL:AutoRun-N [Wrm]
Tencent: Malware.Win32.Gencirc.10b13603
Ad-Aware: IL:Trojan.MSILMamut.52754
Emsisoft: IL:Trojan.MSILMamut.52754 (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.DownLoader5.23064
VIPRE: IL:Trojan.MSILMamut.52754
TrendMicro: WORM_AUTORUN_FE0600A9.UVPM
McAfee-GW-Edition: GenericRXIF-UZ!855B92444BBF
Sophos: ML/PE-A + Mal/MsilKlog-C
Ikarus: Trojan.SuspectCRC
GData: IL:Trojan.MSILMamut.52754
Jiangmin: Trojan.Generic.adfdk
Webroot:
Avira: TR/Dropper.Gen
MAX: malware (ai score=89)
Antiy-AVL: HackTool/MSIL.Flooder
Arcabit: IL:Trojan.MSILMamut.DCE12
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.HDC.R94533
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZemsilF.34754.hq0@ayC6kQ
ALYac: IL:Trojan.MSILMamut.52754
TACHYON: Trojan/W32.DN-HackTool.120320
Malwarebytes: Trojan.Agent.MSIL
TrendMicro-HouseCall: WORM_AUTORUN_FE0600A9.UVPM
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:XZOkMu058yA6mHT/yUkd+A)
Yandex: TrojanSpy.Agent!q3sDJXwERmA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: MSIL/SpyPSW.AVQ!tr
CrowdStrike: win/malicious_confidence_90% (D)

How to remove MSIL/Autorun.Agent.ET?

MSIL/Autorun.Agent.ET removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.