MSIL/Spy.Agent.EMZ removal

The MSIL/Spy.Agent.EMZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Spy.Agent.EMZ virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/Spy.Agent.EMZ?


File Info:
name: 874F1DB63B3D1398778F.mlw
path: /opt/CAPEv2/storage/binaries/d31d1fa8ccd3b23af503d0ea32f4dec9c98a99195203350b8521b62398275630
crc32: 08F0511D
md5: 874f1db63b3d1398778fe0c526ab3c6e
sha1: 643291e0f5d5b55deca2cc401a358805aa60ce53
sha256: d31d1fa8ccd3b23af503d0ea32f4dec9c98a99195203350b8521b62398275630
sha512: bd72bc70c647a003c4e1fe7a2a65379ebb51f70c1e728f2f904ea174f9b0433d5dafd102813e0f5fe4cf8b43407e2c59e4b33d7f4ad64fba8c9e717090965f4d
ssdeep: 96:rxNlv/rn2JKbqXRh1frxx5XLa3SYYO+V579WbhRN6ylfwls+VVdzbN+Ehk9bvEzj:l/rn2JKb+RhHLsHM9WbhRNNWVdvyJu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19A02C706A7F84629D5FE9B7998B2530052B6F6935633CB0E1C8500FDAE32B49C953BE1
sha3_384: 2b9303e9695550355b701e6f3f0ff2dcd24e34e486b943851bce82c559de0defe8634e9aa809aa436cc7abbd65b8598c
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-08-02 17:44:45

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: d.exe
LegalCopyright:  
OriginalFilename: d.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/Spy.Agent.EMZ also known as:

DrWeb	Trojan.MulDrop21.36588
MicroWorld-eScan	IL:Trojan.MSILZilla.6980
ClamAV	Win.Malware.LuminosityLink-5710531-1
FireEye	Generic.mg.874f1db63b3d1398
CAT-QuickHeal	Trojan.GenericFC.S30154231
McAfee	GenericRXVW-XW!874F1DB63B3D
Malwarebytes	Trojan.Agent
K7AntiVirus	Trojan ( 700000121 )
K7GW	Trojan ( 700000121 )
Cybereason	malicious.0f5d5b
BitDefenderTheta	Gen:NN.ZemsilF.36348.am0@a4CK5@d
Cyren	W32/MSIL_Agent.FHD.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Spy.Agent.EMZ
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
BitDefender	IL:Trojan.MSILZilla.6980
Avast	Win32:SpywareX-gen [Trj]
VIPRE	IL:Trojan.MSILZilla.6980
McAfee-GW-Edition	BehavesLike.Win32.Downloader.xt
Trapmine	malicious.moderate.ml.score
Emsisoft	IL:Trojan.MSILZilla.6980 (B)
SentinelOne	Static AI – Malicious PE
GData	MSIL.Trojan-Spy.Agent.BNB
MAX	malware (ai score=86)
Arcabit	IL:Trojan.MSILZilla.D1B44
ZoneAlarm	HEUR:Trojan.MSIL.Agent.gen
Microsoft	Trojan:MSIL/Rzelt.A!MTB
Google	Detected
AhnLab-V3	Trojan/Win.RealProtect-LS.C5420968
Acronis	suspicious
Cylance	unsafe
APEX	Malicious
Ikarus	Trojan.MSIL.Spy
Fortinet	MSIL/Agent_AGen.AZ!tr.spy
AVG	Win32:SpywareX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (D)

How to remove MSIL/Spy.Agent.EMZ?

MSIL/Spy.Agent.EMZ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X