Trojan:MSIL/Abtitu!A removal tips

Trojan:MSIL/Abtitu!A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/Abtitu!A virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup

How to identify Trojan:MSIL/Abtitu!A?

File Info:

name: F634C98DA5F1D7216C1F.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-03-21 00:02:22

Version Info:

Translation: 0x0000 0x04b0
Comments: vshost32-clr2
CompanyName: vshost32-clr2
FileDescription: vshost32-clr2
FileVersion: 2.30.2.0
InternalName: 309697.exe
LegalCopyright: vshost32-clr2
LegalTrademarks: vshost32-clr2
OriginalFilename: 309697.exe
ProductName: 2.1500.0.0
ProductVersion: 2.30.2.0
Assembly Version: 2.30.2.0

Trojan:MSIL/Abtitu!A also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Abtitu.4!c
AVG: MSIL:Agent-JO [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.51140
FireEye: Generic.mg.f634c98da5f1d721
CAT-QuickHeal: Trojan.Pitit.A3
Skyhigh: PUP-XRH-DK
ALYac: Gen:Variant.Barys.51140
Malwarebytes: Malware.AI.218730263
Zillya: Trojan.Agent.Win32.3885762
Sangfor: Trojan.Msil.Abtitu.Vkqf
K7AntiVirus: Trojan ( 0058c9f81 )
Alibaba: Trojan:MSIL/Abtitu.9bf241e9
K7GW: Trojan ( 0056f2051 )
Cybereason: malicious.da5f1d
BitDefenderTheta: Gen:NN.ZemsilF.36802.am0@amuNAh
VirIT: Trojan.Win32.Small.DRE
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/Agent.NRE
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Convagent.gen
BitDefender: Gen:Variant.Barys.51140
NANO-Antivirus: Trojan.Win32.Barys.kjzeox
SUPERAntiSpyware: Trojan.Agent/Gen-Faker
Avast: MSIL:Agent-JO [Trj]
Tencent: Msil.Trojan.Convagent.Qsmw
TACHYON: Trojan/W32.DN-Genome.7680.B
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Barys.2445.24
VIPRE: Gen:Variant.Barys.51140
TrendMicro: Trojan.MSIL.ABTITU.USBLBR24
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Barys.51140 (B)
Ikarus: Trojan.Msil
GData: Gen:Variant.Barys.51140
Webroot: W32.Malware.Gen
Varist: W32/A-793e7bfb!Eldorado
Avira: TR/Barys.2445.24
Xcitium: TrojWare.MSIL.Agent.NR@589dn3
Arcabit: Trojan.Barys.DC7C4
ViRobot: Trojan.Win.Z.Barys.7680.BC
ZoneAlarm: HEUR:Trojan.MSIL.Convagent.gen
Microsoft: Trojan:MSIL/Abtitu.gen!A
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.R58149
McAfee: PUP-XRH-DK
MAX: malware (ai score=86)
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Trojan.MSIL.ABTITU.USBLBR24
Rising: Trojan.Agent!8.B1E (CLOUD)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.109640529.susgen
Fortinet: MSIL/Agent.SYX!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:MSIL/Abtitu!A?

Trojan:MSIL/Abtitu!A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
