Categories: Backdoor

Backdoor:MSIL/RemcosInjector!MTB removal tips

The Backdoor:MSIL/RemcosInjector!MTB file is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Backdoor:MSIL/RemcosInjector!MTB virus can do?

  • Suspicious activity

How to determine Backdoor:MSIL/RemcosInjector!MTB?



General:

Operating System: Windows 7 / 8 / 8.1 / 10
Virus Name: ML.Attribute.HighConfidence



File Info:


Name: fixo.exe
Size: 1258496
Type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5: 79bd86c9c1fc451d5559e60869e7b8d4
SHA1: a00c8ed1c781e5bdd85da21c70a0271455c2f128
SH256: 5ed078848c38e4cac6f8e4297b5cbd2fe2107f86614f1e3ff775b1c439517987
 
Version Info:
 [No Data]

Backdoor:MSIL/RemcosInjector!MTB also known as:

ALYac Spyware.AgentTesla
APEX Malicious
Acronis suspicious
Ad-Aware Trojan.GenericKD.32673975
AegisLab Trojan.MSIL.Agensla.i!c
AhnLab-V3 Malware/Win32.RL_Generic.C3544239
Antiy-AVL Trojan[PSW]/MSIL.Agensla
Arcabit Trojan.Generic.D1F290B7
BitDefender Trojan.GenericKD.32673975
BitDefenderTheta Gen:NN.ZemsilF.32245.mnW@a4CxCAfi
CAT-QuickHeal Trojanpws.Msil
CrowdStrike win/malicious_confidence_60% (W)
Cybereason malicious.1c781e
Cylance Unsafe
Cyren W32/Arrakis.HRAH-2214
DrWeb Trojan.PWS.Siggen2.37910
ESET-NOD32 a variant of MSIL/Kryptik.TNC
Endgame malicious (high confidence)
FireEye Generic.mg.79bd86c9c1fc451d
Fortinet MSIL/Kryptik.TNC!tr
GData Trojan.GenericKD.32673975
Ikarus Trojan.MSIL.Crypt
Jiangmin Trojan.PSW.MSIL.ltp
K7AntiVirus Trojan ( 0055abb51 )
K7GW Trojan ( 0055abb51 )
Kaspersky HEUR:Trojan-PSW.MSIL.Agensla.gen
MAX malware (ai score=81)
Malwarebytes Spyware.AgentTesla.MSIL
McAfee GenericRXJA-LO!79BD86C9C1FC
McAfee-GW-Edition Artemis!Trojan
MicroWorld-eScan Trojan.GenericKD.32673975
Microsoft Backdoor:MSIL/RemcosInjector!MTB
Paloalto generic.ml
Panda Trj/GdSda.A
Qihoo-360 Win32/Trojan.PSW.374
Rising Trojan.GenKryptik!8.AA55 (TFE:D:k0f0TM0oPeO)
SentinelOne DFI – Suspicious PE
Sophos Mal/Generic-S
Symantec ML.Attribute.HighConfidence
TrendMicro TROJ_GEN.R002C0WK319
TrendMicro-HouseCall TROJ_GEN.R002C0WK319
VIPRE Trojan.Win32.Generic!BT
Webroot W32.Trojan.Gen
Yandex Trojan.Kryptik!sY+bnSZ1fBE
Zillya Trojan.Kryptik.Win32.1817361
ZoneAlarm HEUR:Trojan-PSW.MSIL.Agensla.gen

How to remove Backdoor:MSIL/RemcosInjector!MTB?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
4 years ago

Recent Posts

NSIS/Injector.CMO removal guide

The NSIS/Injector.CMO is considered dangerous by lots of security experts. When this infection is active,…

6 mins ago

Trojan.Generic.35762198 malicious file

The Trojan.Generic.35762198 is considered dangerous by lots of security experts. When this infection is active,…

23 mins ago

Should I remove “Malware.AI.103442785”?

The Malware.AI.103442785 is considered dangerous by lots of security experts. When this infection is active,…

23 mins ago

Barys.438451 malicious file

The Barys.438451 is considered dangerous by lots of security experts. When this infection is active,…

34 mins ago

How to remove “Trojan.Generic.35785663”?

The Trojan.Generic.35785663 is considered dangerous by lots of security experts. When this infection is active,…

34 mins ago

Virus:Win32/Memery.HNS!MTB removal tips

The Virus:Win32/Memery.HNS!MTB is considered dangerous by lots of security experts. When this infection is active,…

59 mins ago