Trojan-Downloader.MSIL.TaskLoader.vyo malicious file

Trojan-Downloader.MSIL.TaskLoader.vyo is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.MSIL.TaskLoader.vyo virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Looks up the external IP address
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

Related domains:

ipinfo.io
www.google-analytics.com

How to identify Trojan-Downloader.MSIL.TaskLoader.vyo?


File Info:

crc32: 41D375FC
md5: e301cd7eaf5bbdafe8efb4a24e0bd2a6
name: setupadblocker.exe
sha1: 6c67adaac471331cb885a92c8834943591331845
sha256: fe1667f1b5785e03501b1fed1cb6badadc82f7714b2d2320974e2f16f8cd2060
sha512: 90e55a1c8688a2d28741b21c434a04e61c6818a127531706b8e563c9db9a90d70323d09a7821a8ed7e67d37adda406dab186362ad9e0ff0c15178cf0b828c8d0
ssdeep: 24576:m86FPbxkD9aMVg8PbJotVPQVsPVUFFTLPEVvtUOOJezG/aYFkJR30F6rp8b:ExM7vP9eoVqVEF3PS1UDJq0GJyFaA
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © AdBlocker 2016-2020. All rights reserved.
FileVersion: 1.0.9.30
CompanyName: New Balance Expert Plus S.r.l.
Comments: This installation was built with Inno Setup.
ProductName: AdBlocker
ProductVersion: 1.0.9.30
FileDescription: AdBlocker 1.0.9.30
Translation: 0x0000 0x04b0

Trojan-Downloader.MSIL.TaskLoader.vyo also known as:

MicroWorld-eScan: Trojan.GenericKD.43422400
FireEye: Trojan.GenericKD.43422400
McAfee: Artemis!E301CD7EAF5B
Cylance: Unsafe
AegisLab: Trojan.MSIL.TaskLoader.a!c
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.GenericKD.43422400
K7GW: Riskware ( 0040eff71 )
Symantec: Trojan.Gen.MBT
TrendMicro-HouseCall: TROJ_GEN.R002H07G320
GData: Trojan.GenericKD.43422400
Kaspersky: Trojan-Downloader.MSIL.TaskLoader.vyo
Alibaba: TrojanDownloader:MSIL/TaskLoader.234dbc2c
Emsisoft: Trojan.GenericKD.43422400 (B)
DrWeb: Trojan.Siggen9.34586
APEX: Malicious
MAX: malware (ai score=88)
Microsoft: Trojan:Win32/Wacatac.C!ml
Arcabit: Trojan.Generic.D29692C0
ZoneAlarm: Trojan-Downloader.MSIL.TaskLoader.vyo
Ad-Aware: Trojan.GenericKD.43422400
Fortinet: W32/TaskLoader.VYO!tr.dldr
AVG: FileRepMetagen [Malware]
Qihoo-360: Generic/Trojan.Downloader.340

How to remove Trojan-Downloader.MSIL.TaskLoader.vyo?

Trojan-Downloader.MSIL.TaskLoader.vyo removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
