What is “Ransom:MSIL/Polar.PC!MTB”?

Ransom:MSIL/Polar.PC!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:MSIL/Polar.PC!MTB virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to determine Ransom:MSIL/Polar.PC!MTB?


File Info:

crc32: 7815C816
md5: 841980b4ae02a4e6520ab834deee241b
name: 841980B4AE02A4E6520AB834DEEE241B.mlw
sha1: 9d9d63041141930d648f71a36b1ab18754f59531
sha256: ad9093adf832b6f86d6001331547f0072de21419fe40e6446c3525213add1413
sha512: 9b430f7f4b407ca166ffea3c448212d5b9a39a070178e315d1f4f138e2229d365060d4c09f08fcf392e4169c578a5373612ff483b89e869525b2a654d7703c89
ssdeep: 3072:AmmcyVX7cKMNqjYf8RkvmCwYcT9Ve8wF/I+22+PxiXYYVPQDJx3MZ270T:AmmxrTgeYf87YcT+8wdaQA/30UA
type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2020
Assembly Version: 1.0.0.0
InternalName: Encode.exe
FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
FileDescription:
OriginalFilename: Encode.exe

Ransom:MSIL/Polar.PC!MTB also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.WCryG.F743F876
McAfee: Artemis!841980B4AE02
Cylance: Unsafe
AegisLab: Trojan.Win32.Wcryg.4!c
Sangfor: Malware
K7AntiVirus: Trojan ( 005643831 )
BitDefender: Generic.Ransom.WCryG.F743F876
K7GW: Trojan ( 005643831 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Generic.Ransom.WCryG.F743F876
Invincea: Mal/Generic-R + Mal/Genasom-A
Cyren: W32/Ransom.TOGN-9099
Symantec: Trojan.Gen.2
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
Alibaba: Trojan:MSIL/Filecoder.197717d4
Rising: Trojan.Win32.Destructor!1.B060 (CLASSIC)
Ad-Aware: Generic.Ransom.WCryG.F743F876
Emsisoft: Generic.Ransom.WCryG.F743F876 (B)
Comodo: Malware@#gjtc7w2dp3ba
F-Secure: Trojan.TR/Ransom.tovop
TrendMicro: Ransom_RAMSIL.SM
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.Ransom.WCryG.F743F876
Sophos: Mal/Genasom-A
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.MSIL.ommg
Avira: TR/Ransom.tovop
MAX: malware (ai score=89)
Antiy-AVL: Trojan/MSIL.Filecoder
Microsoft: Ransom:MSIL/Polar.PC!MTB
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Generic
GData: Generic.Ransom.WCryG.F743F876
Cynet: Malicious (score: 85)
VBA32: TScope.Trojan.MSIL
ALYac: Generic.Ransom.WCryG.F743F876
Malwarebytes: Ransom.FileCryptor
Panda: Trj/GdSda.A
ESET-NOD32: a variant of MSIL/Filecoder.ZA
TrendMicro-HouseCall: Ransom_RAMSIL.SM
Tencent: Win32.Trojan.Generic.Dxmn
Yandex: Trojan.Filecoder!jW2HYYV9iU4
Ikarus: Trojan-Ransom.FileCrypter
MaxSecure: Trojan.Malware.73429809.susgen
Fortinet: MSIL/Agent.A!tr
BitDefenderTheta: Gen:NN.ZemsilF.34634.lm0@aCZOBbb
AVG: Win32:Trojan-gen
Cybereason: malicious.4ae02a
Avast: Win32:Trojan-gen
Qihoo-360: Generic/Trojan.Ransom.b10

How to remove Ransom:MSIL/Polar.PC!MTB?

Ransom:MSIL/Polar.PC!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
