Trojan-PSW.MSIL.RobloxStealer removal

The Trojan-PSW.MSIL.RobloxStealer is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-PSW.MSIL.RobloxStealer virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics
CAPE detected the Mercurial malware family

How to determine Trojan-PSW.MSIL.RobloxStealer?


File Info:
name: E7487F643C972CB26B72.mlw
path: /opt/CAPEv2/storage/binaries/559443e91699b27f9114f77fd21a407988ea2bdfa5d89574ce8cf3b59eba13e8
crc32: 9E290758
md5: e7487f643c972cb26b72cf16064b75b5
sha1: 40aee7542137249506663a12fc52d2d2f4b25008
sha256: 559443e91699b27f9114f77fd21a407988ea2bdfa5d89574ce8cf3b59eba13e8
sha512: e5068284dd047c60bee8862fe8bb993a983bff17fce8f0f948874f0b569e2925b9f66fdecca9392e2bf618d7ae4a4a4ada0760828e1d653d18b89d1efb4bc43b
ssdeep: 768:wscabfwOAi0/auQSwMuZsJe2WTjTKZKfgm3Ehrp:HcIIJe2WTvF7Exp
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T10A131748B7FD4B08F2FF4ABA6CB2516447B6B466AC32EB0E19845C5D0877B808950F77
sha3_384: 11ce061162c34717648316ca866f9de7a71d486cc2d7ca4c7d7058d678fc96a63ef4df2a93e266eb530a1e162b074d72
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-04-23 19:03:31

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: Synapse X.exe
LegalCopyright:  
OriginalFilename: Synapse X.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Trojan-PSW.MSIL.RobloxStealer also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	IL:Trojan.MSILZilla.5183
CAT-QuickHeal	Trojan.MsilFC.S22016763
ALYac	IL:Trojan.MSILZilla.5183
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
Cyren	W32/MSIL_Agent.CPX.gen!Eldorado
Symantec	Infostealer
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/PSW.Discord.FC
APEX	Malicious
ClamAV	Win.Packed.Bulz-9868353-0
Kaspersky	HEUR:Trojan-PSW.MSIL.RobloxStealer.gen
BitDefender	IL:Trojan.MSILZilla.5183
Avast	Win32:MalwareX-gen [Trj]
Tencent	Trojan.Win32.Agent.wc
Ad-Aware	IL:Trojan.MSILZilla.5183
Emsisoft	Trojan-PSW.Agent (A)
F-Secure	Heuristic.HEUR/AGEN.1202476
DrWeb	Trojan.PWS.DiscordNET.50
Zillya	Trojan.Agent.Win32.2654229
McAfee-GW-Edition	BehavesLike.Win32.Generic.pm
FireEye	Generic.mg.e7487f643c972cb2
Sophos	ML/PE-A + Troj/Agent-BIIY
SentinelOne	Static AI – Malicious PE
GData	MSIL.Trojan-Stealer.DiscordStealer.D
Avira	HEUR/AGEN.1202476
Arcabit	IL:Trojan.MSILZilla.D143F
ZoneAlarm	HEUR:Trojan-PSW.MSIL.RobloxStealer.gen
Microsoft	PWS:MSIL/Mercurial!atmn
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Skeeyah.C3111103
Acronis	suspicious
McAfee	PWS-FDEB!E7487F643C97
MAX	malware (ai score=82)
Malwarebytes	Backdoor.NanoCore
Rising	Stealer.Mercurial!1.D7B6 (CLASSIC)
Ikarus	Trojan.MSIL.PSW
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.SHS!tr.pws
BitDefenderTheta	Gen:NN.ZemsilF.34606.cm0@a4IpOTl
AVG	Win32:MalwareX-gen [Trj]

How to remove Trojan-PSW.MSIL.RobloxStealer?

Trojan-PSW.MSIL.RobloxStealer removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X