How to remove “MSIL/TrojanDropper.Agent.FID”?

The MSIL/TrojanDropper.Agent.FID is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/TrojanDropper.Agent.FID virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/TrojanDropper.Agent.FID?


File Info:
name: 89046BB843A9F2BD3C1E.mlw
path: /opt/CAPEv2/storage/binaries/c05f6390b49fe4dfee7fe2d0f3c04e8914f0d36bce3e4951c550fe0ecb202954
crc32: 83548950
md5: 89046bb843a9f2bd3c1e33e7ce6b03af
sha1: acc4ae9f7be3d5c19f05e890a713227740b6b3fc
sha256: c05f6390b49fe4dfee7fe2d0f3c04e8914f0d36bce3e4951c550fe0ecb202954
sha512: 223dfac828369cdbf9f20ef30665808ea696064c70fc32d5bef152d2becafbda9dc94b73d9517f78d3326747f188c8e306343db5ea0b1708b76bdeb153819c23
ssdeep: 3072:ZZEy0Sns+b6kzmrfd0EHBAnpK37nXk8W0+Q7P74tyohTqK6gdRNXuL1VLfxJ6Jn+:nVns+b6kzmrfY8uh3qrKd8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12A143A4227E4CD6BEA7F57B5E4B107106BB4F1078162EB8A788C25E95B633405A133BF
sha3_384: 5787d2a8bcb4bcd9e05cfd22f8752b1d1038dc9db1238504305454716154813f2c82f8792ced2999040c7eabe36a0896
ep_bytes: ff253020430000000000000000000420
timestamp: 2022-06-09 21:41:08

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: com.exe
LegalCopyright:  
OriginalFilename: com.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/TrojanDropper.Agent.FID also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	Gen:Variant.Bulz.248748
McAfee	GenericRXMU-LR!89046BB843A9
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 00575a1b1 )
K7GW	Trojan ( 00575a1b1 )
Cybereason	malicious.843a9f
Cyren	W32/MSIL_Kryptik.CVS.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FID
APEX	Malicious
Kaspersky	HEUR:Trojan-Dropper.MSIL.Dapato.gen
BitDefender	Gen:Variant.Bulz.248748
Avast	Win32:KeyloggerX-gen [Trj]
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:iaB+ojpM2ooTYrs0oD8eww)
Ad-Aware	Gen:Variant.Bulz.248748
Emsisoft	Gen:Variant.Bulz.248748 (B)
McAfee-GW-Edition	GenericRXMU-LR!89046BB843A9
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.89046bb843a9f2bd
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan-Dropper.MSIL.Agent
GData	Gen:Variant.Bulz.248748
Avira	HEUR/AGEN.1241320
ZoneAlarm	HEUR:Trojan-Dropper.MSIL.Dapato.gen
Microsoft	Backdoor:Win32/Bladabindi!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Agent.C1103048
Acronis	suspicious
ALYac	Gen:Variant.Bulz.248748
MAX	malware (ai score=84)
Malwarebytes	Backdoor.Bladabindi
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/GenKryptik.EXAT!tr
BitDefenderTheta	Gen:NN.ZemsilF.34712.mm0@aGpZnz
AVG	Win32:KeyloggerX-gen [Trj]

How to remove MSIL/TrojanDropper.Agent.FID?

MSIL/TrojanDropper.Agent.FID removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X