How to remove “MSIL:GenMalicious-FI [Trj]”?

The MSIL:GenMalicious-FI [Trj] detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the MSIL:GenMalicious-FI [Trj] virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

Related domains:

sory-new.no-ip.org

How to identify MSIL:GenMalicious-FI [Trj]?

File Info:

crc32: ED9D4D81
md5: 2b61c296be484f6ca19568b462a8addd
name: 2B61C296BE484F6CA19568B462A8ADDD.mlw
sha1: b28a6cdbe77f0cedbabeec9cf2015e46806cceb2
sha256: 008e3098446604f20f117c3f743a0116dd3b20a4c9650d2553e7a32dbe67b6c9
sha512: fd337a9d7157c880f7649d97bcb7fedee2f413e02aaf83d3f44f92b6c5e49a3c34490e34486ee706be3cafefb1400430cabbfde5c5602a3fa60f20be59dd9f88
ssdeep: 6144:g6+w3XrBwM9iRIkU7/JEGc215Sgk84MV+UWhlpake:P93twMga9EhA14/jAp
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2013
Assembly Version: 1.0.0.0
InternalName: Patch.exe
FileVersion: 1.0.0.0
ProductName: Patch
ProductVersion: 1.0.0.0
FileDescription: Patch
OriginalFilename: Patch.exe

MSIL:GenMalicious-FI [Trj] also known as:

K7AntiVirus: Trojan ( 004d55391 )
DrWeb: Trojan.Starter.2890
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.MSILPerseus.2346
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
K7GW: Trojan ( 004d55391 )
Cybereason: malicious.6be484
Cyren: W32/Trojan.FFZ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Injector.CHW
APEX: Malicious
Avast: MSIL:GenMalicious-FI [Trj]
ClamAV: Win.Packed.Manbat-6871292-0
Kaspersky: Trojan-Ransom.Win32.Blocker.dkrv
BitDefender: Gen:Variant.MSILPerseus.2346
NANO-Antivirus: Trojan.Win32.Blocker.dnastc
MicroWorld-eScan: Gen:Variant.MSILPerseus.2346
Tencent: Win32.Trojan.Blocker.Hsir
Ad-Aware: Gen:Variant.MSILPerseus.2346
Sophos: Mal/Generic-R + Mal/Kryptik-AV
Comodo: Malware@#20ltdt1nrr7om
BitDefenderTheta: Gen:NN.ZemsilF.34050.pm0@aWIZgR
VIPRE: Trojan.Win32.Generic.pak!cobra
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.2b61c296be484f6c
Emsisoft: Gen:Variant.MSILPerseus.2346 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1114246
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.B57845
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Trojan.MSILPerseus.D92A
SUPERAntiSpyware: Heur.Agent/Gen-GalPic
ZoneAlarm: Trojan-Ransom.Win32.Blocker.dkrv
GData: Gen:Variant.MSILPerseus.2346
McAfee: Artemis!2B61C296BE48
MAX: malware (ai score=99)
Malwarebytes: CrackTool.Agent.Keygen
Panda: Trj/CI.A
Yandex: Trojan.Blocker!ShQZoQBPzys
Ikarus: Backdoor.Win32.Bifrose
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Generic.DN.1187F2!tr
AVG: MSIL:GenMalicious-FI [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Blocker.HwMAEpsA

How to remove MSIL:GenMalicious-FI [Trj]?

MSIL:GenMalicious-FI [Trj] removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
