Should I remove “Troj/Xtbl-EN”?

The Troj/Xtbl-EN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Troj/Xtbl-EN virus can do?

Unconventionial binary language: Russian
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Troj/Xtbl-EN?


File Info:
crc32: 8114ACE0
md5: f75b295f7d9cb8a93f52056d40f33215
name: 2c.jpg
sha1: c1c0f50ed18d44e5a830ab32d6f3eab81ce16c01
sha256: ba1af457a27bc747747f601c62182ff7e3d773239612ac7a4ddf5f25868340b5
sha512: 239bb8c2a432f9c7a9f8f9d1313368954c02fce87b544e0f12195367065ad656f8659002493e72f381dbff34b072e5a6d11e8d658f6e64519f2b99b285c186bb
ssdeep: 12288:1WaClUE9Aew41GtdNlI+IIwB/npXzeKwThFOK/FEa1yHsCWQlonUWM94yf2F1lD:o9xw4WNlIzBhXLGFH6rVGlDL71l
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Xabitozefesaji. Pezamuhawumeb dayihariduca. Pobodiyayuta wicavakepiyepe femotofuv
InternalName: binokubina.exe
FileVersion: 28.0.0.46
Translation: 0x0419 0x0548

Troj/Xtbl-EN also known as:

DrWeb	Trojan.PWS.Stealer.27391
MicroWorld-eScan	Trojan.GenericKD.32704491
FireEye	Generic.mg.f75b295f7d9cb8a9
ALYac	Trojan.Ransom.Shade
Malwarebytes	Trojan.MalPack.GS
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Trojan.GenericKD.32704491
K7GW	Riskware ( 0040eff71 )
TrendMicro	TROJ_FRS.VSNW0CK19
BitDefenderTheta	Gen:NN.ZexaF.32250.7u0@am0dVBk
Cyren	W32/Trojan.MIFM-1086
Symantec	Packed.Generic.525
Paloalto	generic.ml
GData	Trojan.GenericKD.32704491
Kaspersky	Trojan-Ransom.Win32.Shade.qiq
Alibaba	Trojan:Win32/Shade.eebe359c
NANO-Antivirus	Trojan.Win32.Stealer.ggzopv
AegisLab	Trojan.Multi.Generic.4!c
Rising	Trojan.Kryptik!1.BF08 (CLASSIC)
Ad-Aware	Trojan.GenericKD.32704491
Sophos	Troj/Xtbl-EN
Comodo	Malware@#1xn1lhl6agy16
F-Secure	Trojan.TR/Crypt.XPACK.qqbwd
Zillya	Trojan.Shade.Win32.1154
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.dc
Ikarus	Trojan.Win32.Crypt
Webroot	W32.Trojan.Gen
Avira	TR/Crypt.XPACK.qqbwd
Antiy-AVL	Trojan[Ransom]/Win32.Shade
Endgame	malicious (high confidence)
Arcabit	Trojan.Generic.D1F307EB
ZoneAlarm	Trojan-Ransom.Win32.Shade.qiq
Microsoft	Trojan:Win32/CryptInject.CB!MTB
AhnLab-V3	Trojan/Win32.Agent.R298720
Acronis	suspicious
McAfee	RDN/Ransom
VBA32	BScope.Trojan.Dynamer
Cylance	Unsafe
ESET-NOD32	Win32/Filecoder.Shade.A
TrendMicro-HouseCall	TROJ_FRS.VSNW0CK19
SentinelOne	DFI – Suspicious PE
Fortinet	W32/Kryptik.GYEF!tr
AVG	Win32:MalwareX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Win32/Trojan.Ransom.a70

How to remove Troj/Xtbl-EN?

Troj/Xtbl-EN removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X