Malware

MSIL/PSW.Agent.QRC removal

Malware Removal

The MSIL/PSW.Agent.QRC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/PSW.Agent.QRC virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to determine MSIL/PSW.Agent.QRC?



File Info:

name: 51E41A85EB633DBEC71E.mlw
path: /opt/CAPEv2/storage/binaries/22cff4ccd4598cb8a627d31afd2c32a4ebfdf8e1d3504dfb2eb69a6dba336506
crc32: 3B3F715D
md5: 51e41a85eb633dbec71eefe61afe5d84
sha1: 97c31f36c137476b05456e5822f1357eb8cc80d9
sha256: 22cff4ccd4598cb8a627d31afd2c32a4ebfdf8e1d3504dfb2eb69a6dba336506
sha512: 27850e9459a3b7deb0af50044060fb14d20938b0fc2a83b938b4c673c1e377666fde1338378a2a87d9a0b50fcd941539f4ad3324389a5a82fc9ef71df3b7fca4
ssdeep: 1536:A5Py2P47Txh9zDDtECuKP1OzOVLf8eTv1dQ5V/waO7mt4KJ5n2fs5LB+:Yy2Q7Tz9vxElKwyLfrvQvvO7u4Y2k5L0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12E93AE1777C88FA7E9BDCB393F61410013FBA819DB22F6DD2D44409E1FA75818A91752
sha3_384: 909d59e36b2f12e604ec2a139f0fc532e42a1bafd115b2bba8db2168a2995ec96d2c9b94ee1908266e9c3aed1b3c92ff
ep_bytes: ff250020400000000000000000000000
timestamp: 2012-03-04 13:20:08


Version Info:

Translation: 0x0000 0x04b0
CompanyName: Microsoft
FileDescription: Alertpay to Paypal Transfer
FileVersion: 1.0.0.0
InternalName: Alertpay to Paypal Transfer.exe
LegalCopyright: Copyright © Microsoft 2012
OriginalFilename: Alertpay to Paypal Transfer.exe
ProductName: Alertpay to Paypal Transfer
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/PSW.Agent.QRC also known as:

LionicTrojan.MSIL.Generic.4!c
McAfeeArtemis!51E41A85EB63
CylanceUnsafe
AlibabaTrojan:MSIL/Generic.6eea6092
Cybereasonmalicious.6c1374
SymantecML.Attribute.HighConfidence
ESET-NOD32MSIL/PSW.Agent.QRC
APEXMalicious
NANO-AntivirusTrojan.Win32.Agent.ecvjwm
TencentWin32.Trojan.Spy.Swky
SophosMal/Generic-S
ComodoMalware@#3paa2h0kkifc8
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionArtemis!Trojan
MaxSecureTrojan.Malware.300983.susgen
AviraTR/Spy.Gen
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 99)
BitDefenderThetaGen:NN.ZemsilCO.34294.fq0@ayOzTtp
TrendMicro-HouseCallTROJ_GEN.R002H0CKN21
SentinelOneStatic AI – Malicious PE
eGambitUnsafe.AI_Score_97%
FortinetMSIL/Agent.NQK!tr

How to remove MSIL/PSW.Agent.QRC?

MSIL/PSW.Agent.QRC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment