MSILPerseus.61154 removal guide

The MSILPerseus.61154 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSILPerseus.61154 virus can do?

Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine MSILPerseus.61154?


File Info:
name: C5C14C4306E1CE0EB865.mlw
path: /opt/CAPEv2/storage/binaries/a17d8d13c5fa273f70e5e84354124e55f03affa5fe08668f5de574432a785219
crc32: 1A2F5965
md5: c5c14c4306e1ce0eb8652aa132305c3a
sha1: 5de49b5d0c86f5bf69cf7f7aad24888c7c51d9ff
sha256: a17d8d13c5fa273f70e5e84354124e55f03affa5fe08668f5de574432a785219
sha512: 9fb60d270625de636100fc32d6e6b1683bad5833d2c7d1848f5ea45e0c7f6794b433f3265dcccac3bbe9c65259107f0b65c5d392067cd2d07af0c81cceca0c8e
ssdeep: 768:FpY4zg8dm++QeoZP7jfpY3Hv5F2649ZzWqYcn+EKkAqMh8t6lFd:048ohFK2ZziPcn/KkABJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F43391712EEBDE6E47A1A313B3383C0C32DEE058617C62E19D87518E9BE15339923D8
sha3_384: f10c85d0f964ab7bd79cbfc8aca6cae29429e5dba08a3f6044c2df0f88ebbd8e48c55c8f2da4433aaafc0773f36bfdf2
ep_bytes: ff250020400000000000000000000000
timestamp: 2016-11-25 16:30:25

Version Info:
Translation: 0x0000 0x04b0
Comments: Microsoft
CompanyName: CopyRight Claimed
FileDescription: Explorer Windows
FileVersion: 1.1.1.1
InternalName: My Files.exe
LegalCopyright: Copyright ©  2019
LegalTrademarks: All right Reserved
OriginalFilename: My Files.exe
ProductName: Systeme32
ProductVersion: 1.1.1.1
Assembly Version: 1.1.1.1

MSILPerseus.61154 also known as:

Lionic	Trojan.MSIL.SpyGate.m!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader10.61384
MicroWorld-eScan	Gen:Variant.MSILPerseus.61154
FireEye	Generic.mg.c5c14c4306e1ce0e
McAfee	RDN/Generic PWS.y
Zillya	Backdoor.SpyGate.Win32.68
K7AntiVirus	Trojan ( 700000121 )
Alibaba	Backdoor:MSIL/SpyGate.8e43a5a6
K7GW	Trojan ( 700000121 )
Cybereason	malicious.306e1c
BitDefenderTheta	Gen:NN.ZemsilF.34062.dq0@aSjvsKg
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.HJY
Paloalto	generic.ml
Kaspersky	Backdoor.MSIL.SpyGate.vy
BitDefender	Gen:Variant.MSILPerseus.61154
NANO-Antivirus	Trojan.Win32.Kryptik.eitoty
Tencent	Msil.Backdoor.Spygate.Szuv
Emsisoft	Gen:Variant.MSILPerseus.61154 (B)
Comodo	Malware@#2d148c4jp9e14
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	RDN/Generic PWS.y
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.MSILPerseus.61154
eGambit	Unsafe.AI_Score_99%
Avira	HEUR/AGEN.1108968
Antiy-AVL	Trojan/Generic.ASMalwS.306A739
Microsoft	Backdoor:MSIL/Bladabindi
Cynet	Malicious (score: 99)
AhnLab-V3	Backdoor/Win.SpyGate.C4805503
MAX	malware (ai score=84)
APEX	Malicious
Yandex	Trojan.Kryptik!1ubxoZXdnqU
Fortinet	MSIL/Kryptik.HJY!tr
Panda	Trj/GdSda.A

How to remove MSILPerseus.61154?

MSILPerseus.61154 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X