Backdoor.MSIL.Agent.zyg removal tips

Backdoor.MSIL.Agent.zyg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor.MSIL.Agent.zyg virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Backdoor.MSIL.Agent.zyg?


File Info:

crc32: F7406C8C
md5: a1b4d8bc1bbcf9218ac030002edd3271
name: xps2pdf.exe
sha1: 49f3c2b87989c59cee7e7102c969726d3dacd16b
sha256: 94bfaaad16399c3e7c3c3a223ba7f578bb8327b20b38d174f5d54fa8f919a0ff
sha512: 7f82e0313785d0d8aaac16fd5433428c0598c3032a44841209631d090a162581207e013495a27da3fd578f857905fab9511e68a0bc5158be05a27785928e5749
ssdeep: 24576:L4wQMwSLRiW6GXlG9p1W2HcuRfh1E5+YGPyidLaR2yQAW:kTGLsWvlaW2H3Rfh6g/aidLaR2yQx
type: MS-DOS executable, MZ for MS-DOS

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2009 NSnaiL
Assembly Version: 1.0.0.0
InternalName: xps2pdf.exe
FileVersion: 1.0.0.0
Comments: x5c06xpsx6587x6863x8f6cx6362x4e3apdfx6587x6863.
ProductName: xps2pdf
ProductVersion: 1.0.0.0
FileDescription: xps2pdf
OriginalFilename: xps2pdf.exe

Backdoor.MSIL.Agent.zyg is also known as:

FireEye: Generic.mg.a1b4d8bc1bbcf921
CAT-QuickHeal: Backdoor.MSIL
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_80% (W)
TrendMicro: TROJ_GEN.R002C0RJJ19
APEX: Malicious
GData: Win32.Trojan.Agent.9U0N0B
Kaspersky: Backdoor.MSIL.Agent.zyg
Alibaba: Backdoor:MSIL/Generic.7e072e92
NANO-Antivirus: Trojan.Win32.MdropCE.fpzqhk
AegisLab: Trojan.Win32.Generic.4!c
Rising: Backdoor.Agent!8.C5D (CLOUD)
Endgame: malicious (high confidence)
Sophos: Mal/Mdrop-CE
Zillya: Trojan.Generic.Win32.21104
Invincea: heuristic
Trapmine: malicious.moderate.ml.score
Ikarus: Trojan.Win32.Agent
MaxSecure: Trojan.Malware.7164915.susgen
Webroot: W32.Gen.Bt
Antiy-AVL: Trojan/Win32.AGeneric
ZoneAlarm: Backdoor.MSIL.Agent.zyg
Microsoft: Trojan:Win32/Tiggre!rfn
VBA32: TScope.Trojan.MSIL
TrendMicro-HouseCall: TROJ_GEN.R002C0RJJ19
SentinelOne: DFI – Malicious PE
eGambit: Generic.Malware
Fortinet: W32/Generic.CE!tr
AVG: Win32:Malware-gen
Cybereason: malicious.87989c
Avast: Win32:Malware-gen

How to remove Backdoor.MSIL.Agent.zyg?

Backdoor.MSIL.Agent.zyg removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
