How to remove "MSILPerseus.6361"?

The MSILPerseus.6361 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSILPerseus.6361 virus can do?

Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Reads data out of its own binary image
Drops a binary and executes it
Uses Windows utilities for basic functionality
Executed a process and injected code into it, probably while unpacking
Sniffs keystrokes
A process was set to shut the system down when terminated
Installs itself for autorun at Windows startup
Creates a copy of itself

Related domains:

z.whorecord.xyz

a.tomx.xyz

rustirt.ddns.net

How to determine MSILPerseus.6361?


File Info:
crc32: 24F03E8A
md5: 78ceafbdd7ecc8b9e2cb066d913e2450
name: contas_da_netflix_para_todos.exe
sha1: 4965acb45e856f3d5826f9392a1f9a273aa305e1
sha256: 3291acd880693ed1775fa8cbfaa2c140d206688c4ab2e46e6f0e9a17361351db
sha512: f7017d123ae04328d0ae222f8b5d11019398119cc8315e1f2bf6a817fa83d2f7143e9dbafa5c7c0ce65e5dbd11a6755992916b777e7b5410e01f40d53c77da61
ssdeep: 6144:/u9w0dEtJMpLvJAjhSQrdimy1gKYCNtfOimw4BIq:/CuJMvAMYinhjkIq
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Text
Assembly Version: 2.0.0.0
InternalName: Text.exe
FileVersion: 2.0.0.0
CompanyName: Text
LegalTrademarks: Text
Comments: Text
ProductName: Text
ProductVersion: 2.0.0.0
FileDescription: Text
OriginalFilename: Text.exe

MSILPerseus.6361 also known as:

MicroWorld-eScan	Gen:Variant.MSILPerseus.6361
FireEye	Generic.mg.78ceafbdd7ecc8b9
CAT-QuickHeal	Backdoor.MSIL
ALYac	Gen:Variant.MSILPerseus.6361
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.MSIL.Generic.m!c
Sangfor	Malware
K7AntiVirus	Trojan ( 0055e39a1 )
BitDefender	Gen:Variant.MSILPerseus.6361
K7GW	Trojan ( 0055e39a1 )
Cybereason	malicious.dd7ecc
TrendMicro	TROJ_GEN.R03FC0PLD19
BitDefenderTheta	Gen:NN.ZemsilF.34090.pm3@ai2S@Ah
TrendMicro-HouseCall	TROJ_GEN.R03FC0PLD19
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Ursu-6860469-0
GData	Gen:Variant.MSILPerseus.6361
Kaspersky	HEUR:Backdoor.MSIL.Generic
NANO-Antivirus	Trojan.Win32.Starter.efyfny
APEX	Malicious
Rising	Backdoor.Generic!8.CE (CLOUD)
Ad-Aware	Gen:Variant.MSILPerseus.6361
Sophos	Troj/MSIL-FMQ
Comodo	TrojWare.MSIL.Injector.IFO@7gewfj
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	BackDoor.Cybergate.1
Zillya	Trojan.Inject.Win32.198056
Invincea	heuristic
McAfee-GW-Edition	Trojan-FKBG
Trapmine	suspicious.low.ml.score
Emsisoft	Gen:Variant.MSILPerseus.6361 (B)
SentinelOne	DFI – Malicious PE
MaxSecure	Trojan.Malware.11197868.susgen
Avira	TR/Dropper.Gen
MAX	malware (ai score=100)
Endgame	malicious (high confidence)
Arcabit	Trojan.MSILPerseus.D18D9
SUPERAntiSpyware	Trojan.Agent/Gen-Injector
ZoneAlarm	HEUR:Backdoor.MSIL.Generic
Microsoft	Backdoor:MSIL/Bladabindi
AhnLab-V3	Trojan/Win32.Bladabindi.C2505853
McAfee	Trojan-FKBG
VBA32	TScope.Trojan.MSIL
Panda	Trj/CI.A
ESET-NOD32	a variant of MSIL/Injector.IFO
Tencent	Malware.Win32.Gencirc.10b7cb02
Yandex	Trojan.Inject!XlgVLvkB3eM
Ikarus	Trojan.MSIL.Injector
eGambit	Unsafe.AI_Score_99%
Fortinet	MSIL/Injector.CMQ!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	Win32/Trojan.d93

How to remove MSILPerseus.6361?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “MSILPerseus.6361”?