Mal/Generic-R + Troj/MSIL-SCX removal guide

The Mal/Generic-R + Troj/MSIL-SCX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/Generic-R + Troj/MSIL-SCX virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Mal/Generic-R + Troj/MSIL-SCX?


File Info:
name: 348D75D450C0714089CF.mlw
path: /opt/CAPEv2/storage/binaries/d4bee9579a8ef3c1039a372aa6ef0d2d25538472766f5e54df6fcca8ceb69071
crc32: F28F6A62
md5: 348d75d450c0714089cfa995ba879678
sha1: a5d4a7f46bccec6129abbafb85bc6ae30078b399
sha256: d4bee9579a8ef3c1039a372aa6ef0d2d25538472766f5e54df6fcca8ceb69071
sha512: fc128ea3b42353f56ccc6f6bd7ea83e3155e4a2e47c6df9c6d2f586939d9e1b41189202595acde4fb82f4746a980a216b71e7ff3b717bd1bebce5e42b9dee4ec
ssdeep: 24576:D41QOTWlDEK3lnIxA3Xgz+AKEX3OpfW29+uBo5dz:yGj3lnksWKEn4z92
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FC352349692C6E74EA9C97B07CF58503077BA9982C06BFB82E4031ED5DD3F0A8B271D1
sha3_384: f249eae7099e3165505ac6e2440410d8e468f59a436e65ed27802932a09d0515fe6282c14438f089689de12cd5ab3ba9
ep_bytes: ff2500204000ff000000ff000000ff00
timestamp: 2021-12-08 00:47:33

Version Info:
Translation: 0x0000 0x04b0
Comments: A powerful API library for World of Warcraft.
CompanyName: Aevitas Enterprises
FileDescription: BlackRain
FileVersion: 1.3.0.0
InternalName: CspAlgorithmTy.exe
LegalCopyright: Copyright © Aevitas Enterprises 2010
LegalTrademarks: 
OriginalFilename: CspAlgorithmTy.exe
ProductName: BlackRain
ProductVersion: 1.3.0.0
Assembly Version: 1.3.0.0

Mal/Generic-R + Troj/MSIL-SCX also known as:

Lionic	Trojan.MSIL.Agensla.i!c
FireEye	Trojan.GenericKDZ.81408
McAfee	Artemis!348D75D450C0
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058b93a1 )
Alibaba	Trojan:Win32/Kryptik.ali2000016
Cyren	W32/MSIL_Agent.CMI.gen!Eldorado
Symantec	MSIL.Packed.19
ESET-NOD32	a variant of MSIL/Kryptik.ADRM
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender	Trojan.GenericKDZ.81408
MicroWorld-eScan	Trojan.GenericKDZ.81408
Avast	Win32:SpywareX-gen [Trj]
Ad-Aware	Trojan.GenericKDZ.81408
Sophos	Mal/Generic-R + Troj/MSIL-SCX
DrWeb	Trojan.Siggen16.1584
TrendMicro	TrojanSpy.MSIL.NEGASTEAL.SMG
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.Agent (A)
Ikarus	Trojan.Inject
GData	Trojan.GenericKDZ.81408
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:MSIL/AgentTesla.DQY!MTB
AhnLab-V3	Trojan/Win.Infostealer.R456991
ALYac	Gen:Variant.Ser.Lazy.156
MAX	malware (ai score=87)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.MalPack.ADC
TrendMicro-HouseCall	TrojanSpy.MSIL.NEGASTEAL.SMG
Yandex	Trojan.Igent.bW413Y.5
SentinelOne	Static AI – Suspicious PE
Fortinet	Malicious_Behavior.SB
AVG	Win32:SpywareX-gen [Trj]
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove Mal/Generic-R + Troj/MSIL-SCX?

Mal/Generic-R + Troj/MSIL-SCX removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X