Trojan.MSIL.InfoStealer.D removal instruction

The Trojan.MSIL.InfoStealer.D is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.MSIL.InfoStealer.D virus can do?

Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Trojan.MSIL.InfoStealer.D?


File Info:
name: 539973E138B2EE72AC60.mlw
path: /opt/CAPEv2/storage/binaries/f43ed1e67ea87ef859aee7335b758d44c209619de75a581f306569d9a00c42bf
crc32: F56CE8AD
md5: 539973e138b2ee72ac604f4f0540671b
sha1: e7b8ba15dd3b39199c9f03fab7af0ad2e9bca425
sha256: f43ed1e67ea87ef859aee7335b758d44c209619de75a581f306569d9a00c42bf
sha512: 5f0613cde28cda3e1cd1d7406e5ac51688fbfc979156716c79333817a466457f39f432a8cc3661ad8e1a44e12a7400dca72e24a5104de2a5106f6265d5a742ec
ssdeep: 768:pTKd4xtMuZLDd4UViDkmBq7gyxCjDuvTw2ET3sK03ZsaNTIm:xKdUtMq+5DrcICwPT3mlR
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T14F23E70177A8CA56E6BE0ABD74342D2C02F6F51B7921F7590EC1B4DD2E72B858504BE3
sha3_384: 6e128676b91a7be49870df9f9845790173dee71b7aa7773b2ef74c7c07432cecb52a2e9a76b43ab11815345e3a8e0554
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-08-31 13:01:23

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: credentials.exe
LegalCopyright:  
OriginalFilename: credentials.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Trojan.MSIL.InfoStealer.D also known as:

Lionic	Trojan.MSIL.Stealer.i!c
MicroWorld-eScan	IL:Trojan.MSILZilla.15602
ClamAV	Win.Packed.Msilperseus-9956591-0
FireEye	IL:Trojan.MSILZilla.15602
McAfee	Artemis!539973E138B2
Cylance	Unsafe
VIPRE	IL:Trojan.MSILZilla.15602
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Spyware ( 004bd3191 )
Alibaba	TrojanPSW:MSIL/Stealer.30c784b1
K7GW	Spyware ( 004bd3191 )
Cyren	W32/MSIL_Kryptik.DGZ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Spy.Keylogger.AVQ
APEX	Malicious
Avast	Win32:SpywareX-gen [Trj]
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender	IL:Trojan.MSILZilla.15602
Rising	Stealer.Chrome!1.DA70 (CLASSIC)
Ad-Aware	IL:Trojan.MSILZilla.15602
Emsisoft	IL:Trojan.MSILZilla.15602 (B)
TrendMicro	TROJ_GEN.R002C0WHV22
McAfee-GW-Edition	Artemis!Trojan
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
Paloalto	generic.ml
Avira	TR/AD.GenSteal.fnoji
Antiy-AVL	Trojan/Generic.ASMalwS.20F
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
ViRobot	Trojan.Win32.Z.Keylogger.46080
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Stealer.gen
GData	IL:Trojan.MSILZilla.15602
Google	Detected
AhnLab-V3	Malware/Win32.RL_Generic.C4282367
BitDefenderTheta	Gen:NN.ZemsilF.34646.cm0@aahaHWn
ALYac	IL:Trojan.MSILZilla.15602
MAX	malware (ai score=83)
VBA32	Trojan.MSIL.InfoStealer.gen.D
Malwarebytes	Malware.AI.3938811027
TrendMicro-HouseCall	TROJ_GEN.R002C0WHV22
Tencent	Msil.Trojan-QQPass.QQRob.Mcnw
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/Agent.AES!tr
AVG	Win32:SpywareX-gen [Trj]
Panda	Trj/Chgt.AD
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan.MSIL.InfoStealer.D?

Trojan.MSIL.InfoStealer.D removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X