The Backdoor:MSIL/RemcosInjector!MTB file is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What Backdoor:MSIL/RemcosInjector!MTB virus can do?
- Suspicious activity
How to determine Backdoor:MSIL/RemcosInjector!MTB?
General:
Operating System: Windows 7 / 8 / 8.1 / 10 Virus Name: ML.Attribute.HighConfidence
File Info:
Name: fixo.exe
Size: 1258496
Type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5: 79bd86c9c1fc451d5559e60869e7b8d4
SHA1: a00c8ed1c781e5bdd85da21c70a0271455c2f128
SH256: 5ed078848c38e4cac6f8e4297b5cbd2fe2107f86614f1e3ff775b1c439517987
Version Info:
[No Data]
Backdoor:MSIL/RemcosInjector!MTB also known as:
| ALYac | Spyware.AgentTesla |
| APEX | Malicious |
| Acronis | suspicious |
| Ad-Aware | Trojan.GenericKD.32673975 |
| AegisLab | Trojan.MSIL.Agensla.i!c |
| AhnLab-V3 | Malware/Win32.RL_Generic.C3544239 |
| Antiy-AVL | Trojan[PSW]/MSIL.Agensla |
| Arcabit | Trojan.Generic.D1F290B7 |
| BitDefender | Trojan.GenericKD.32673975 |
| BitDefenderTheta | Gen:NN.ZemsilF.32245.mnW@a4CxCAfi |
| CAT-QuickHeal | Trojanpws.Msil |
| CrowdStrike | win/malicious_confidence_60% (W) |
| Cybereason | malicious.1c781e |
| Cylance | Unsafe |
| Cyren | W32/Arrakis.HRAH-2214 |
| DrWeb | Trojan.PWS.Siggen2.37910 |
| ESET-NOD32 | a variant of MSIL/Kryptik.TNC |
| Endgame | malicious (high confidence) |
| FireEye | Generic.mg.79bd86c9c1fc451d |
| Fortinet | MSIL/Kryptik.TNC!tr |
| GData | Trojan.GenericKD.32673975 |
| Ikarus | Trojan.MSIL.Crypt |
| Jiangmin | Trojan.PSW.MSIL.ltp |
| K7AntiVirus | Trojan ( 0055abb51 ) |
| K7GW | Trojan ( 0055abb51 ) |
| Kaspersky | HEUR:Trojan-PSW.MSIL.Agensla.gen |
| MAX | malware (ai score=81) |
| Malwarebytes | Spyware.AgentTesla.MSIL |
| McAfee | GenericRXJA-LO!79BD86C9C1FC |
| McAfee-GW-Edition | Artemis!Trojan |
| MicroWorld-eScan | Trojan.GenericKD.32673975 |
| Microsoft | Backdoor:MSIL/RemcosInjector!MTB |
| Paloalto | generic.ml |
| Panda | Trj/GdSda.A |
| Qihoo-360 | Win32/Trojan.PSW.374 |
| Rising | Trojan.GenKryptik!8.AA55 (TFE:D:k0f0TM0oPeO) |
| SentinelOne | DFI – Suspicious PE |
| Sophos | Mal/Generic-S |
| Symantec | ML.Attribute.HighConfidence |
| TrendMicro | TROJ_GEN.R002C0WK319 |
| TrendMicro-HouseCall | TROJ_GEN.R002C0WK319 |
| VIPRE | Trojan.Win32.Generic!BT |
| Webroot | W32.Trojan.Gen |
| Yandex | Trojan.Kryptik!sY+bnSZ1fBE |
| Zillya | Trojan.Kryptik.Win32.1817361 |
| ZoneAlarm | HEUR:Trojan-PSW.MSIL.Agensla.gen |
How to remove Backdoor:MSIL/RemcosInjector!MTB?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
Leave a Comment