Trojan.MSIL.Agent

By ESGI Advisor in Trojans

Threat Scorecard

Ranking:	8,312
Threat Level:	80 % (High)
Infected Computers:	45,095

First Seen:	January 19, 2011
Last Seen:	February 25, 2024
OS(es) Affected:	Windows

Trojan.MSIL.Agent is a malicious trojan infection which uses malicious tricks to download nasty malware threats from the web. Trojan.MSIL.Agent penetrates and installs the infected computer system without a user's awareness or authorization when he/she open unidentified email attachment or image, use instant messaging, etc. Trojan.MSIL.Agent is often bundled with free downloadable software or a malicious website you visited that set Trojan.MSIL.Agent on your machine. Trojan.MSIL.Agent may track your Internet activities, steal user names and passwords, credit card numbers and other private details. Trojan.MSIL.Agent is a serious threat for the PC system and has to be removed immediately.

Table of Contents

SpyHunter Detects & Remove Trojan.MSIL.Agent

File System Details

Trojan.MSIL.Agent may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	marshall.exe	979750935a9c5ae663c2ce1903c24385	1,879
Name: marshall.exe MD5: 979750935a9c5ae663c2ce1903c24385 Size: 1.22 MB (1227232 bytes) Detections: 1,879 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\local\temp\is-asrai.tmp\marshall.exe Group: Malware file Last Updated: June 26, 2020
2.	CjvK0cDVXH.exe	5488a8d14687c9e6ab0444ce895980c0	158
Name: CjvK0cDVXH.exe MD5: 5488a8d14687c9e6ab0444ce895980c0 Size: 1.17 MB (1175040 bytes) Detections: 158 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\CjvK0cDVXH.exe Group: Malware file Last Updated: June 27, 2020
3.	MicrosoftcriticalUpdate.exe	51b4290905850a74f321abfd4826f790	77
Name: MicrosoftcriticalUpdate.exe MD5: 51b4290905850a74f321abfd4826f790 Size: 50.68 KB (50688 bytes) Detections: 77 Type: Executable File Path: C:\WINDOWS\SysWOW64 Group: Malware file Last Updated: April 22, 2020
4.	AppVShNotifyt-t.exe	0b925cbf8479752674161740b0a3e30f	56
Name: AppVShNotifyt-t.exe MD5: 0b925cbf8479752674161740b0a3e30f Size: 41.98 KB (41984 bytes) Detections: 56 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\AppVShNotifyt-t.exe Group: Malware file Last Updated: June 26, 2020
5.	vstools.exe	a3e71acf4cb478d9d108d393f65017d8	42
Name: vstools.exe MD5: a3e71acf4cb478d9d108d393f65017d8 Size: 417.28 KB (417280 bytes) Detections: 42 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\Workspace\vstools.exe Group: Malware file Last Updated: June 26, 2020
6.	Windows10.exe	4887164f96bcf1db190d7478f2e86649	32
Name: Windows10.exe MD5: 4887164f96bcf1db190d7478f2e86649 Size: 851.45 KB (851456 bytes) Detections: 32 Type: Executable File Path: %ALLUSERSPROFILE%\Win10 Group: Malware file Last Updated: November 18, 2016
7.	JavaUpdateScheduler.exe	7cb90715f870cd08240e1ba8a8c13635	28
Name: JavaUpdateScheduler.exe MD5: 7cb90715f870cd08240e1ba8a8c13635 Size: 253.95 KB (253952 bytes) Detections: 28 Type: Executable File Path: %USERPROFILE%\AppData\Roaming\Java Group: Malware file Last Updated: December 17, 2016
8.	JavaUpdateScheduler.exe	8c41c22508935974cc00098e1076d1a1	26
Name: JavaUpdateScheduler.exe MD5: 8c41c22508935974cc00098e1076d1a1 Size: 315.39 KB (315392 bytes) Detections: 26 Type: Executable File Path: %APPDATA%\Java Group: Malware file Last Updated: December 17, 2016
9.	JavaUpdateScheduler.exe	6ad9a97b081f3c16a17280fa9f7d31c4	24
Name: JavaUpdateScheduler.exe MD5: 6ad9a97b081f3c16a17280fa9f7d31c4 Size: 249.85 KB (249856 bytes) Detections: 24 Type: Executable File Path: %APPDATA%\Java Group: Malware file Last Updated: December 17, 2016
10.	systemstr_Part1.dll	b841325c980d8fb926a41dc6ec4db8f4	23
Name: systemstr_Part1.dll MD5: b841325c980d8fb926a41dc6ec4db8f4 Size: 6.14 KB (6144 bytes) Detections: 23 Type: Dynamic link library Path: C:\Users\<username>\Desktop\AMIR\Users\<username>\AppData\Roaming\Microsoft\Windows\Templates\systemstr\systemstr_Part1.dll Group: Malware file Last Updated: September 28, 2022
11.	JavaUpdateScheduler.exe	e1ae4c3495090a6e0f3c9413110e34aa	21
Name: JavaUpdateScheduler.exe MD5: e1ae4c3495090a6e0f3c9413110e34aa Size: 245.76 KB (245760 bytes) Detections: 21 Type: Executable File Path: %APPDATA%\Java Group: Malware file Last Updated: December 17, 2016
12.	JavaUpdateScheduler.exe	db3cc99ff39e32535529e3e3bed1e7ba	20
Name: JavaUpdateScheduler.exe MD5: db3cc99ff39e32535529e3e3bed1e7ba Size: 249.85 KB (249856 bytes) Detections: 20 Type: Executable File Path: %USERPROFILE%\AppData\Roaming\Java Group: Malware file Last Updated: December 17, 2016
13.	thostmgr.exe	a1b90f379bae1ab0299c9c673a8eae9f	17
Name: thostmgr.exe MD5: a1b90f379bae1ab0299c9c673a8eae9f Size: 6.14 KB (6144 bytes) Detections: 17 Type: Executable File Path: %APPDATA%\Temp\TasksHost Group: Malware file Last Updated: March 10, 2017
14.	Files Manager_Part1.dll	042feaf877eeafa0f573c14eec1036fc	13
Name: Files Manager_Part1.dll MD5: 042feaf877eeafa0f573c14eec1036fc Size: 6.14 KB (6144 bytes) Detections: 13 Type: Dynamic link library Path: C:\ProgramData\Files Manager\Files Manager_Part1.dll Group: Malware file Last Updated: July 28, 2021
15.	thostmgr.exe	6ea6cbc919b13767e388383eeb6a6c10	10
Name: thostmgr.exe MD5: 6ea6cbc919b13767e388383eeb6a6c10 Size: 6.14 KB (6144 bytes) Detections: 10 Type: Executable File Path: %APPDATA%\Temp\TasksHost Group: Malware file Last Updated: March 10, 2017
16.	Files Manager_Part1.dll	4cbdfe37b9a120fe7f3b83e217f23277	10
Name: Files Manager_Part1.dll MD5: 4cbdfe37b9a120fe7f3b83e217f23277 Size: 6.14 KB (6144 bytes) Detections: 10 Type: Dynamic link library Path: D:\ProgramData\Files Manager\Files Manager_Part1.dll Group: Malware file Last Updated: December 14, 2021
17.	thostmgr (1).exe	8ac35832dbbf69db8ed01bf732dfa0a0	10
Name: thostmgr (1).exe MD5: 8ac35832dbbf69db8ed01bf732dfa0a0 Size: 6.14 KB (6144 bytes) Detections: 10 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Temp\TasksHost\thostmgr (1).exe Group: Malware file Last Updated: January 14, 2022
18.	Windows10.exe	993fbf24daf1888811dd7b95dffef401	9
Name: Windows10.exe MD5: 993fbf24daf1888811dd7b95dffef401 Size: 698.88 KB (698880 bytes) Detections: 9 Type: Executable File Path: %ALLUSERSPROFILE%\Win10 Group: Malware file Last Updated: November 18, 2016
19.	System Disks Storage_Part1.dll	4ea010bdcbf011e94c9da553eca8b7b2	4
Name: System Disks Storage_Part1.dll MD5: 4ea010bdcbf011e94c9da553eca8b7b2 Size: 6.14 KB (6144 bytes) Detections: 4 Type: Dynamic link library Path: C:\Users\<username>\AppData\Local\Temp\System Disks Storage\System Disks Storage_Part1.dll Group: Malware file Last Updated: August 31, 2021
20.	thostmgr.exe	f7dba216724fc32d86199a70e24d3865	4
Name: thostmgr.exe MD5: f7dba216724fc32d86199a70e24d3865 Size: 6.14 KB (6144 bytes) Detections: 4 Type: Executable File Path: %APPDATA%\Temp\TasksHost Group: Malware file Last Updated: March 10, 2017
21.	Files Manager_Part1.dll	a9ae84d53c70fffbc9becddffd7f498d	3
Name: Files Manager_Part1.dll MD5: a9ae84d53c70fffbc9becddffd7f498d Size: 6.14 KB (6144 bytes) Detections: 3 Type: Dynamic link library Path: C:\ProgramData\Files Manager\Files Manager_Part1.dll Group: Malware file Last Updated: August 2, 2023
22.	5beaedad620926c7d78777eeb702b8a1.exe	b5ad362fe8b6f4ada91b84d9bf3eb8a8	3
Name: 5beaedad620926c7d78777eeb702b8a1.exe MD5: b5ad362fe8b6f4ada91b84d9bf3eb8a8 Size: 231.42 KB (231424 bytes) Detections: 3 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 28, 2018
23.	thostmgr.exe	6088d12bc928f2a469f14b5e96b13698	2
Name: thostmgr.exe MD5: 6088d12bc928f2a469f14b5e96b13698 Size: 6.14 KB (6144 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Temp\TasksHost Group: Malware file Last Updated: March 10, 2017
24.	thostmgr.exe	31f044b4d7d921ac3e86842b366a424b	2
Name: thostmgr.exe MD5: 31f044b4d7d921ac3e86842b366a424b Size: 6.14 KB (6144 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Temp\TasksHost Group: Malware file Last Updated: March 10, 2017
25.	mdn.exe	6f7ae7991e1dd6c0a1c8153e61bd378c	1
Name: mdn.exe MD5: 6f7ae7991e1dd6c0a1c8153e61bd378c Size: 279.55 KB (279552 bytes) Detections: 1 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\mdn\mdn.exe Group: Malware file Last Updated: June 26, 2020
26.	sourcehash{8220eefe-38cd-377e-8595-13398d740ace}	263ab98632ed4c32a7f3af02de7f080b	1
Name: sourcehash{8220eefe-38cd-377e-8595-13398d740ace} MD5: 263ab98632ed4c32a7f3af02de7f080b Size: 20.48 KB (20480 bytes) Detections: 1 Path: c:\windows\installer Group: Malware file Last Updated: August 29, 2019
27.	C:\Documents and Settings\\Start Menu\Trojan.MSIL.Agent\ C:\Documents and Settings\\Trojan.MSIL.Agent\ and delete
Name: C:\Documents and Settings\<username>\Start Menu\Trojan.MSIL.Agent\ C:\Documents and Settings\<username>\Trojan.MSIL.Agent\ and delete Group: Malware file
28.	%PROGRAM_FILES%\Trojan.MSIL.Agent
Name: %PROGRAM_FILES%\Trojan.MSIL.Agent Group: Malware file
29.	viafile.exe	f37d28e6663b0ce28f6c4f59294e3dd6	0
Name: viafile.exe MD5: f37d28e6663b0ce28f6c4f59294e3dd6 Size: 287.23 KB (287232 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 13, 2017

More files

Registry Details

Trojan.MSIL.Agent may create the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Application Data\UpdateService\UpdateService.exe

%ALLUSERSPROFILE%\GameConfig\Gameconfig.exe

%ALLUSERSPROFILE%\Intel\iusb3.exe

%ALLUSERSPROFILE%\syscall.exe

%ALLUSERSPROFILE%\Updates\MicrosoftSecurityClient.exe

%ALLUSERSPROFILE%\UpdateService\UpdateService.exe

%APPDATA%\Bonjour mDNS Responder.exe

%APPDATA%\Java\JavaUpdateScheduler.exe

%APPDATA%\Microsoft\dwmDesktop.exe

%APPDATA%\Microsoft\Network\Connections\hostdl.exe

%APPDATA%\Microsoft\Windows\Start Menu\Client.exe

%APPDATA%\Microsoft\Windows\Templates\vmnethcp.exe

%APPDATA%\suchost.exe

%APPDATA%\ViaFile.EXE

%APPDATA%\view\viewU{0,1}.exe

%APPDATA%\Workspace\vstools.exe

%appdata%\xmscl.exe

%LOCALAPPDATA%\AppVShNotify[RANDOM CHARACTERS].exe

%TEMP%\SystemServices\[RANDOM CHARACTERS].exe

%USERPROFILE%\Documents\IISExpress\Config\MicrosoftIISAdministration.exe

%USERPROFILE%\Documents\IISExpress\Config\Updates\AU3_EXE11.exe

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsegui.exe "Debugger" = 'svchost.exe'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsmpeng.exe "Debugger" = 'svchost.exe'

HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon "Shell" = '%UserProfile%Application Data[SET OF RANDOM CHARACTERS].exe'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsascui.exe "Debugger" = 'svchost.exe'

HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon "Shell" = '%UserProfile%Application DataMicrosoft[SET OF RANDOM CHARACTERS].exe'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsekrn.exe "Debugger" = 'svchost.exe'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsseces.exe "Debugger" = 'svchost.exe'

Directories

Trojan.MSIL.Agent may create the following directory or directories:

%APPDATA%\Temp\TasksHost

%APPDATA%\ViaFolder

%APPDATA%\kna

%userprofile%\Documents\IISExpress\Nonce

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan.MSIL.Agent

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan.MSIL.Agent

File System Details

Registry Details

Directories

Submit Comment

Trending

Diftefum.co.in

Toapodazoay.com

Creative.mnaspm.com

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?