How to remove “Troj/MSILIn-ZL”?

Troj/MSILIn-ZL is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Troj/MSILIn-ZL virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs

How to identify Troj/MSILIn-ZL?


File Info:

crc32: F99E5CBD
md5: 611fc3d2870e944b68c78c0780f26065
name: Quotation requeste.exe
sha1: a274bc1c6713d778343ae60db83d7175315d7c6b
sha256: 4525a67f95e89fc3f2578b8f5896ab245bb39b6e23073b4160a80ada9c8308bb
sha512: c143e3e26037e63c898332103118cc3f4853cde3d110247cfb11c914a646a562165827566fc1c3173946f62a473510177c8f90042db18cb9905a024699d05da2
ssdeep: 6144:30cnkrf+DL0r7ZtJXBi2hdF4TlAKNpXKPisdBBHTbizLi9fOPGiZPM4nUTAKZKT:Pwu09DK1mzqzPGkrUTAre+JcvPsgUss
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2013
Assembly Version: 0.4.0.0
InternalName: xX1a.exe
FileVersion: 0.4.0.0
CompanyName: Acrojax Solutions Inc.
LegalTrademarks:
Comments: Sorts photo files into folders
ProductName: Photos2Folders
ProductVersion: 0.4.0.0
FileDescription: Photos2Folders
OriginalFilename: xX1a.exe

Troj/MSILIn-ZL is also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.34589184
FireEye: Trojan.GenericKD.34589184
ALYac: Trojan.GenericKD.34589184
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
BitDefender: Trojan.GenericKD.34589184
K7GW: Trojan ( 0056f8771 )
K7AntiVirus: Trojan ( 0056f8771 )
Invincea: Mal/Generic-R + Troj/MSILIn-ZL
Cyren: W32/MSIL_Kryptik.BTH.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R06BC0DIR20
Avast: Win32:MalwareX-gen [Trj]
Kaspersky: HEUR:Trojan-PSW.MSIL.Stelega.gen
Alibaba: TrojanPSW:MSIL/AgentTesla.3723a775
NANO-Antivirus: Trojan.Win32.Stelega.hwhyqn
ViRobot: Trojan.Win32.Z.Genkryptik.467456
AegisLab: Trojan.MSIL.Stelega.i!c
Tencent: Msil.Trojan-qqpass.Qqrob.Wklz
Ad-Aware: Trojan.GenericKD.34589184
Sophos: Troj/MSILIn-ZL
Comodo: Malware@#2vamal0pa88wz
F-Secure: Trojan.TR/AD.Bladabindi.hjsso
DrWeb: Trojan.PackedNET.437
TrendMicro: TROJ_GEN.R06BC0DIR20
McAfee-GW-Edition: PWS-FCQW!611FC3D2870E
Emsisoft: Trojan.GenericKD.34589184 (B)
APEX: Malicious
Webroot: W32.Malware.Gen
Avira: TR/AD.Bladabindi.hjsso
Microsoft: Trojan:MSIL/AgentTesla!MSR
Arcabit: Trojan.Generic.D20FCA00
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Stelega.gen
GData: Trojan.GenericKD.34589184
AhnLab-V3: Malware/Win32.RL_Generic.C4200025
McAfee: PWS-FCQW!611FC3D2870E
MAX: malware (ai score=87)
Malwarebytes: Trojan.MalPack
Ikarus: Trojan.MSIL.Inject
Panda: Trj/GdSda.A
ESET-NOD32: MSIL/Spy.Agent.AES
Yandex: Trojan.Igent.bUvOS3.1
SentinelOne: DFI – Malicious PE
Fortinet: MSIL/AgentTesla.6065!tr
AVG: Win32:MalwareX-gen [Trj]
Paloalto: generic.ml
Qihoo-360: Generic/Trojan.PSW.c9f

How to remove Troj/MSILIn-ZL?

Troj/MSILIn-ZL removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
