Trojan:MSIL/AgentTesla.JBM!MTB removal instruction

The Trojan:MSIL/AgentTesla.JBM!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:MSIL/AgentTesla.JBM!MTB virus can do?

Network activity detected but not expressed in API logs

How to determine Trojan:MSIL/AgentTesla.JBM!MTB?


File Info:
crc32: C9AA9C36
md5: ba95de86218ef4fb87322010bb93f3c7
name: BA95DE86218EF4FB87322010BB93F3C7.mlw
sha1: a2b9e68c0d538f9734245e8d9d9afa33c8261830
sha256: 345ab0139a94ac9aa2c07ecb0ca7e8896bc0ebb735d81d318b7fc8364488fbef
sha512: f4722c618da16496b1e8b9bbc617a18009e364b546d8168dcaaad4cd08360ce612d9a49112158e0c77cc0f7d7642df5818095a5840bfe855a262b7d777d15a38
ssdeep: 6144:AehUfR1Gf6COHDnHCjb8tUfRelD6DaYbze88AGhwPgNr6W:thsR1Gf6COHDijb8tUfRelD6DaYbze8
type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright:  
Assembly Version: 0.0.0.0
InternalName: Salpingian.exe
FileVersion: 0.0.0.0
ProductVersion: 0.0.0.0
FileDescription:  
OriginalFilename: Salpingian.exe

Trojan:MSIL/AgentTesla.JBM!MTB also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Trojan.GenericKDZ.76551
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
Cybereason	malicious.c0d538
Cyren	W32/MSIL_Kryptik.EYW.gen!Eldorado
ESET-NOD32	a variant of MSIL/Kryptik.ACCF
APEX	Malicious
Avast	Win32:PWSX-gen [Trj]
ClamAV	Win.Packed.Redline-9876022-1
Kaspersky	HEUR:Trojan-PSW.MSIL.Reline.gen
BitDefender	Trojan.GenericKDZ.76551
MicroWorld-eScan	Trojan.GenericKDZ.76551
Ad-Aware	Trojan.GenericKDZ.76551
BitDefenderTheta	Gen:NN.ZemsilF.34050.xm0@aidw9ch
McAfee-GW-Edition	BehavesLike.Win32.Generic.fz
FireEye	Generic.mg.ba95de86218ef4fb
Emsisoft	Trojan.GenericKDZ.76551 (B)
SentinelOne	Static AI – Suspicious PE
eGambit	Unsafe.AI_Score_100%
Kingsoft	Win32.PSWTroj.Undef.(kcloud)
Microsoft	Trojan:MSIL/AgentTesla.JBM!MTB
Arcabit	Trojan.Generic.D12B07
GData	Trojan.GenericKDZ.76551
AhnLab-V3	Trojan/Win.Generic.C4564458
Acronis	suspicious
McAfee	PWS-FCTJ!BA95DE86218E
MAX	malware (ai score=80)
Malwarebytes	Trojan.Crypt.MSIL.Generic
Ikarus	Trojan-Spy.MSIL.Agent
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	MSIL/Kryptik.ABUD!tr
AVG	Win32:PWSX-gen [Trj]

How to remove Trojan:MSIL/AgentTesla.JBM!MTB?

Trojan:MSIL/AgentTesla.JBM!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X