Trojan:MSIL/AgentTesla.SD!MTB removal tips

Trojan:MSIL/AgentTesla.SD!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/AgentTesla.SD!MTB virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

How to identify Trojan:MSIL/AgentTesla.SD!MTB?


File Info:

crc32: D934E589
md5: 749d7621eff127b07a66a875b5fdaa47
name: ds.exe
sha1: 8d86ee489afa87456e6435e9b15f0cbb1aa50573
sha256: d19e7b14d607cfded9318bef288c692d48dfffafa2c69d98200fcd0222f3f595
sha512: f5298ed4d8cbe411c9459b490734f92ca4d8bc942b595efea5bfaec90487617cce09dce24305955cb76e7d05d6ce2f364db6f06def0b0e5ae7202406b0f9e08a
ssdeep: 6144:tTqB0JN7Kt26Q6g81NouM8V/eXIdwQ3sXiby:37KPQ6vBK4wQ3dby
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © Weifen Luo 2007
Assembly Version: 2.0.7426.31745
InternalName: iOctxClFn.exe
FileVersion: 2.0.2.0
CompanyName: Weifen Luo
LegalTrademarks:
Comments: .Net Docking Library for Windows Forms
ProductName: DockPanel Suite
ProductVersion: 2.0.2.0
FileDescription: DockPanel Suite for .Net 2.0
OriginalFilename: iOctxClFn.exe

Trojan:MSIL/AgentTesla.SD!MTB also known as:

MicroWorld-eScan: Trojan.GenericKD.43083809
FireEye: Generic.mg.749d7621eff127b0
McAfee: GenericRXKJ-JS!749D7621EFF1
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Multi.Generic.4!c
Sangfor: Malware
BitDefender: Trojan.GenericKD.43083809
K7GW: Trojan ( 00565cf41 )
CrowdStrike: win/malicious_confidence_60% (W)
F-Prot: W32/MSIL_Kryptik.AQI.gen!Eldorado
APEX: Malicious
GData: Trojan.GenericKD.43083809
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
Rising: Trojan.Kryptik!8.8 (CLOUD)
Endgame: malicious (high confidence)
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Agent.bdbqy
DrWeb: Trojan.Siggen9.43686
McAfee-GW-Edition: Artemis
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.43083809 (B)
Ikarus: Trojan.MSIL.Agent
Cyren: W32/MSIL_Kryptik.AQI.gen!Eldorado
Avira: TR/Agent.bdbqy
MAX: malware (ai score=89)
Microsoft: Trojan:MSIL/AgentTesla.SD!MTB
Arcabit: Trojan.Generic.D2916821
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
ALYac: Trojan.GenericKDZ.66904
Malwarebytes: Spyware.AgentTesla
Panda: Trj/GdSda.A
ESET-NOD32: MSIL/Agent.THY
Yandex: Trojan.AvsArher.bSK66A
Fortinet: MSIL/Kryptik.VRU!tr
Ad-Aware: Trojan.GenericKD.43083809
AVG: FileRepMalware
Paloalto: generic.ml
Qihoo-360: Generic/Trojan.PSW.374

How to remove Trojan:MSIL/AgentTesla.SD!MTB?

Trojan:MSIL/AgentTesla.SD!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
