Trojan-PSW.MSIL.Reline.te removal guide

Trojan-PSW.MSIL.Reline.te is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-PSW.MSIL.Reline.te virus do?

  • Executable code extraction
  • Creates RWX memory
  • Expresses interest in specific running processes
  • The binary likely contains encrypted or compressed data.
  • Detects Sandboxie through the presence of a library
  • Checks for the presence of known windows from debuggers and forensic tools
  • The following process appears to have been packed with Themida: PUBG TE CFFHOOK.exe
  • Checks for the presence of known devices from debuggers and forensic tools
  • Detects the presence of Wine emulator via registry key
  • Checks the version of the BIOS, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key
  • Anomalous binary characteristics

How to identify Trojan-PSW.MSIL.Reline.te?

File Info:

crc32: 11E8C6C7
md5: c544df98936f14558257fa43cfdf7fb3
name: PUBG TE CFFHOOK.exe
sha1: 26b051759bf660e6d187f236d18082695be2ffdf
sha256: 8deec3dfee3dc62988bf845282639df6e9beb98a9a7d12652c20724339285b2d
sha512: f13036df439d8f55a17c27a2064684addc9aec2322628b79f633fbe2b70ea4940846df3541bf97331a1e97f29a8bd652580604410ca489a619b5ac0f74df2234
ssdeep: 49152:M2GFWIamkWIcxI9Ak6G6A7UNoGvEJpmTw0Fl:M7FWvTH8KA1GkmGvamFl
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2017
Assembly Version: 1.0.0.0
InternalName: pb_Stl.dll
FileVersion: 1.0.0.0
CompanyName: Parabox, LLC
LegalTrademarks:
Comments: Modified by an unpaid evaluation copy of Resource Tuner 2. http://www.heaventools.com
ProductName: pb_Stl
ProductVersion: 1.0.0.0
FileDescription: pb_Stl
OriginalFilename: pb_Stl.dll
Translation: 0x0000 0x04b0

Trojan-PSW.MSIL.Reline.te is also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.43931671
McAfee: Artemis!C544DF98936F
Zillya: Trojan.Themida.Win32.57424
AegisLab: Trojan.Win32.Malicious.4!c
K7AntiVirus: Trojan ( 0055bc761 )
BitDefender: Trojan.GenericKD.43931671
K7GW: Trojan ( 0055bc761 )
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: Trojan.Generic.D29E5817
TrendMicro: TROJ_GEN.R002C0WJ320
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-PSW.MSIL.Reline.te
Alibaba: TrojanPSW:MSIL/Reline.ec2932fc
ViRobot: Trojan.Win32.Z.Themida.2291712
Ad-Aware: Trojan.GenericKD.43931671
Emsisoft: Trojan.GenericKD.43931671 (B)
Comodo: Malware@#26r9y47l433zv
F-Secure: Trojan.TR/Redcap.iaguj
DrWeb: Trojan.Packed2.42611
Invincea: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
FireEye: Generic.mg.c544df98936f1455
Ikarus: Trojan.Win64.Themida
Jiangmin: Trojan.PSW.Agent.blp
Avira: TR/Redcap.iaguj
MAX: malware (ai score=87)
Microsoft: Trojan:Win32/Bluteal!rfn
ZoneAlarm: Trojan-PSW.MSIL.Reline.te
GData: Trojan.GenericKD.43931671
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34282.lE0aa422sHoi
ALYac: Trojan.GenericKD.43931671
Malwarebytes: Spyware.AzorUlt
ESET-NOD32: a variant of Win32/Packed.Themida.HFL
TrendMicro-HouseCall: TROJ_GEN.R002C0WJ320
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/PossibleThreat
AVG: FileRepMalware
Cybereason: malicious.8936f1
Panda: Trj/Genetic.gen
Qihoo-360: Generic/HEUR/QVM19.1.42AF.Malware.Gen

How to remove Trojan-PSW.MSIL.Reline.te?

Trojan-PSW.MSIL.Reline.te removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.