MSIL/TrojanDownloader.Agent.ERE removal instruction

MSIL/TrojanDownloader.Agent.ERE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.ERE virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify MSIL/TrojanDownloader.Agent.ERE?

File Info:

name: EA5C6E550A887B8F83B7.mlw
path: /opt/CAPEv2/storage/binaries/7cc766c5ba5664cdd725fc2045d9760ff5bed6457903d712f508e0f4f00f647d
crc32: A90AC2F5
md5: ea5c6e550a887b8f83b748408a9f8f62
sha1: 9536244f512440df775ee8805daaf68b7b3e0143
sha256: 7cc766c5ba5664cdd725fc2045d9760ff5bed6457903d712f508e0f4f00f647d
sha512: 5a959020cc5b8f2c7d67e8d9e546aa5306a8a31eb911f9b3701cebb0fa3457cf5563cdc2b91d53090539dacda8d4b79055a9a5f45b3c37726d085b42cd239594
ssdeep: 6144:QfLQRoHRZjLZZRitkaDdjCtvkN0ArrTMyiT6wtplOZx0msmytg4IssFsyiv+IHmw:Qf5JZRiFCtvA0ArfMF9m1bsxyimIHmw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T106B42B177AD65D0FEC752E368AEBBA08469CED210D43C71B22A6717BD52930BCC3A5C4
sha3_384: 742a2db1e8c7f5dcfb32501dc601c7587cb7f9fffb11ce1de63a8ff08cfa80cefd673a7fca3e8b8cfad7df58df6664d5
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-06-13 05:48:21

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 1.0.0.0
InternalName: 1254765.exe
LegalCopyright: Copyright © 2018
OriginalFilename: 1254765.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDownloader.Agent.ERE also known as:

Bkav: W32.AIDetectMalware.CS
AVG: Win32:DropperX-gen [Drp]
MicroWorld-eScan: Trojan.MSIL.Basic.6.Gen
FireEye: Generic.mg.ea5c6e550a887b8f
CAT-QuickHeal: Trojan.MsilFC.S20327498
Skyhigh: Generic.dva
McAfee: Generic.dva
Cylance: unsafe
Zillya: Trojan.Crypt.Win32.43563
Sangfor: Suspicious.Win32.Save.a
Alibaba: Trojan:MSIL/Tasker.0f153434
K7GW: Trojan ( 005302041 )
K7AntiVirus: Trojan ( 005302041 )
VirIT: Trojan.Win32.Nanocore.X
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.ERE
APEX: Malicious
Avast: Win32:DropperX-gen [Drp]
Kaspersky: HEUR:Trojan.MSIL.Agent.gen
BitDefender: Trojan.MSIL.Basic.6.Gen
NANO-Antivirus: Trojan.Win32.Dwn.fedhpq
ViRobot: Trojan.Win32.Z.Agent.507904.VF
Tencent: Msil.Trojan-Downloader.Ader.Ztjl
Emsisoft: Trojan-Downloader.Agent (A)
F-Secure: Heuristic.HEUR/AGEN.1306855
DrWeb: Trojan.Nanocore.23
VIPRE: Trojan.MSIL.Basic.6.Gen
TrendMicro: TROJ_DYNAMER.THFAHAH
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Jiangmin: Trojan.MSIL.jlti
Webroot: W32.Trojan.Gen
Varist: W32/MSIL_Agent.BF.gen!Eldorado
Avira: HEUR/AGEN.1306855
MAX: malware (ai score=99)
Antiy-AVL: Trojan/MSIL.Crypt
Kingsoft: Win32.Troj.Unknown.a
Microsoft: Trojan:MSIL/Tasker.G!MTB
Xcitium: Malware@#ikn81h53r09a
Arcabit: Trojan.MSIL.Basic.6.Gen
ZoneAlarm: HEUR:Trojan.MSIL.Agent.gen
GData: Trojan.MSIL.Basic.6.Gen
Google: Detected
AhnLab-V3: Trojan/Win32.Dynamer.R250648
BitDefenderTheta: Gen:NN.ZemsilF.36804.Fm0@aiNW5mo
ALYac: Trojan.MSIL.Basic.6.Gen
VBA32: Downloader.MSIL.gen.rexp
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_DYNAMER.THFAHAH
Rising: Downloader.Agent!8.B23 (CLOUD)
Yandex: Trojan.Crypt!6O1fvKGZaFs
Ikarus: Trojan-Downloader.MSIL.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.ERE!tr.dldr
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Bladabhindi.J!MTB

How to remove MSIL/TrojanDownloader.Agent.ERE?

MSIL/TrojanDownloader.Agent.ERE removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
