Malware

MSIL/PSW.Agent.RPT removal instruction

Malware Removal

The MSIL/PSW.Agent.RPT is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/PSW.Agent.RPT virus can do?

    How to determine MSIL/PSW.Agent.RPT?

    

    File Info:
    
crc32: 1EC05BD3
    md5: 6b2ec425717f23cf5ece1e79d7de6566
    name: 6B2EC425717F23CF5ECE1E79D7DE6566.mlw
    sha1: 8fa1f82219fe917854e63beaa1e30d4196691504
    sha256: 866c4b1106a345e8fb50ca04c25d301a86e0b1e7db19a289bb5f89ffc4ac25bc
    sha512: dad1b0d41f9184a3a1df0d1f505f95ed015ce0eaf0a52a37e28413d1bf40d8686ffe7504cbfaabafa815a69312d284de55ca22bc634e2ed6e22a8d7f80f27da9
    ssdeep: 1536:WCPx0/ezrCNtitL4M/txYDTk31b0SqQWh7CrAZwGbdDEjF3p:WGm/ezrC7Vm+Q31b0bQWh7CrAZwbp
    type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
    

    Version Info:
    
Translation: 0x0000 0x04b0
    LegalCopyright: Copyright xa9  2020
    Assembly Version: 1.0.0.0
    InternalName: TelegramRAT.exe
    FileVersion: 1.0.0.0
    CompanyName: 
    LegalTrademarks: 
    Comments: 
    ProductName: TelegramRAT
    ProductVersion: 1.0.0.0
    FileDescription: TelegramRAT
    OriginalFilename: TelegramRAT.exe

    MSIL/PSW.Agent.RPT also known as:

    Elasticmalicious (high confidence)
    DrWebTrojan.KeyloggerNET.41
    CynetMalicious (score: 100)
    CAT-QuickHealTrojan.YakbeexMSIL.ZZ4
    CylanceUnsafe
    SangforTrojan.Win32.Save.a
    CrowdStrikewin/malicious_confidence_60% (D)
    Cybereasonmalicious.5717f2
    ESET-NOD32a variant of MSIL/PSW.Agent.RPT
    APEXMalicious
    AvastWin32:TrojanX-gen [Trj]
    KasperskyHEUR:Trojan.MSIL.Shelpak.gen
    BitDefenderGen:Heur.Ransom.HiddenTears.1
    MicroWorld-eScanGen:Heur.Ransom.HiddenTears.1
    Ad-AwareGen:Heur.Ransom.HiddenTears.1
    F-SecureHeuristic.HEUR/AGEN.1138205
    BitDefenderThetaGen:NN.ZemsilF.34670.gm0@aa5ScW
    McAfee-GW-EditionGenericRXNU-FV!6B2EC425717F
    FireEyeGeneric.mg.6b2ec425717f23cf
    EmsisoftTrojan.Generic (A)
    SentinelOneStatic AI – Malicious PE
    AviraHEUR/AGEN.1138205
    eGambitUnsafe.AI_Score_89%
    MicrosoftPWS:MSIL/AdamantiumTheif.GA!MTB
    ArcabitTrojan.Ransom.HiddenTears.1
    ZoneAlarmHEUR:Trojan.MSIL.Shelpak.gen
    GDataMSIL.Trojan.ClipBanker.F
    McAfeeGenericRXNU-FV!6B2EC425717F
    MAXmalware (ai score=84)
    MalwarebytesBackdoor.TelegramRAT
    RisingTrojan.AntiVM!1.CF63 (CLASSIC)
    IkarusTrojan.MSIL.PSW
    AVGWin32:TrojanX-gen [Trj]

    How to remove MSIL/PSW.Agent.RPT?

    MSIL/PSW.Agent.RPT removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan“.
    • Move to quarantine” all items.
    • Open “Tools” tab – Press “Reset Browser Settings“.
    • Select proper browser and options – Click “Reset”.
    • Restart your computer.

    You may also like

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

    View all posts

    Leave a Comment