Should I remove “MSIL/Spy.Agent.GN”?

The MSIL/Spy.Agent.GN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Spy.Agent.GN virus can do?

Authenticode signature is invalid

How to determine MSIL/Spy.Agent.GN?


File Info:
name: 5AC89C3D4227034CA282.mlw
path: /opt/CAPEv2/storage/binaries/36ba2bd2f374b14e25ab5fdb4f168ef7c7ce97cf5a7ff32e43a835d1ebd0e513
crc32: 6EE46405
md5: 5ac89c3d4227034ca282d593cccf347c
sha1: 516ea764635426a9ab5a10bab09c51348e3ee39f
sha256: 36ba2bd2f374b14e25ab5fdb4f168ef7c7ce97cf5a7ff32e43a835d1ebd0e513
sha512: 8cc883feea92b5ef1a0de6fcbb34349f56b42660741117068732f99adfaddf3819b8f1551adff33e1c52f88aab52543095c2b8b14963194c0d3964884beb756e
ssdeep: 384:jGaRIorFBiFKx5v38y3QLp29Jub/mPkaVIKvtMNokpkjUo16wzDJ:CJorvjxZPAgyQRt/7jUo17
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1A7A2C50377ADCB04E5BF497DE9B2424E877465231911CB5F38C360AC79A7384990AEBB
sha3_384: d1c6cbee362d49b107b0c37ffd3f050e57594c629e18f59ad45dba9427c74c6a35d33a31ce864e3932320b222856b2d9
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-10-19 22:15:53

Version Info:
Translation: 0x0000 0x04b0
FileDescription: Windows Services
FileVersion: 1.0.0.1
InternalName: Botnet.exe
LegalCopyright:  
OriginalFilename: Botnet.exe
ProductName: Windows Services
ProductVersion: 1.0.0.1
Assembly Version: 1.0.0.1

MSIL/Spy.Agent.GN also known as:

Lionic	Trojan.Win32.Generic.l!c
MicroWorld-eScan	Trojan.GenericKD.62702202
ClamAV	Win.Malware.Razy-9936000-0
FireEye	Generic.mg.5ac89c3d4227034c
CAT-QuickHeal	Trojan.GenericFC.S20328618
ALYac	Trojan.GenericKD.62702202
Cylance	Unsafe
Zillya	Trojan.Agent.Win32.878125
Sangfor	Trojan.Win32.Generic.ky
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	TrojanSpy:Win32/SpywareX.badc9937
K7GW	Spyware ( 004ba6631 )
K7AntiVirus	Spyware ( 004ba6631 )
Cyren	W32/ABRisk.UATL-3890
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Spy.Agent.GN
Paloalto	generic.ml
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan-Spy.Win32.Generic
BitDefender	Trojan.GenericKD.62702202
NANO-Antivirus	Trojan.Win32.Agent.einvld
Avast	Win32:SpywareX-gen [Trj]
Tencent	Win32.Trojan-Spy.Generic.Edhl
Ad-Aware	Trojan.GenericKD.62702202
Emsisoft	Trojan.GenericKD.62702202 (B)
F-Secure	Heuristic.HEUR/AGEN.1203337
VIPRE	Trojan.GenericKD.62702202
TrendMicro	TROJ_GEN.R03BC0WJD22
McAfee-GW-Edition	Artemis!Trojan
Sophos	Generic PUA FB (PUA)
Ikarus	Trojan.MSIL.Spy
GData	Trojan.GenericKD.62702202
Jiangmin	TrojanSpy.Generic.dmh
Avira	HEUR/AGEN.1203337
Antiy-AVL	Trojan/Generic.ASMalwS.77B6
Arcabit	Trojan.Generic.D3BCC27A
ViRobot	Trojan.Win32.Z.Agent.22016.CII
ZoneAlarm	HEUR:Trojan-Spy.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win32.RL_Generic.C4197797
McAfee	RDN/Generic PWS.y
MAX	malware (ai score=85)
VBA32	Trojan.MSIL.gen.b.7
Malwarebytes	Backdoor.Bot
TrendMicro-HouseCall	TROJ_GEN.R03BC0WJD22
Rising	Trojan.Generic/MSIL@AI.95 (RDM.MSIL:oH+zbbkHO674EmEg928xNA)
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/Agent.GN!tr.spy
BitDefenderTheta	Gen:NN.ZemsilF.34726.bm0@aaWskTl
AVG	Win32:SpywareX-gen [Trj]
Cybereason	malicious.d42270
Panda	Trj/GdSda.A

How to remove MSIL/Spy.Agent.GN?

MSIL/Spy.Agent.GN removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X