Should I remove “Trojan:MSIL/SpyNoon.SMD!MTB”?

The Trojan:MSIL/SpyNoon.SMD!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:MSIL/SpyNoon.SMD!MTB virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Trojan:MSIL/SpyNoon.SMD!MTB?


File Info:
name: 92D02811B6B1E9EB265A.mlw
path: /opt/CAPEv2/storage/binaries/9a99c00c276ec7a7f8782f37d125643969c44eff54e0e6461661094ed4200ae1
crc32: 433ED418
md5: 92d02811b6b1e9eb265acc52ac273a5c
sha1: 04930d5cf3d1ed1ad22d69259174d475fbf6f84e
sha256: 9a99c00c276ec7a7f8782f37d125643969c44eff54e0e6461661094ed4200ae1
sha512: 999c2228bca856d5719e6b77ffb91c9c0fc3a869f06ad93395a8af4a6acf0f4dc935be562a94ab5a24b5bbf135d1c89d76f21223da255ee7be4ba5257935137d
ssdeep: 12288:b2iNxP47B7P47BjEPK3SHAjR/xYMyOkkDm7PqxxIBccBfdFDogb:b17P47B7P47B/3jVKMIkCcIB5B1FDo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10E65BD2536B1AE9CD12E4BFB44F4817406B6AC06AE2ED79F76F13E2E7D312811116363
sha3_384: d9b1769274637e2746fe0f7dc7cbeeb88809189cbbd086162c35bd1c6f939bc1ad97848977287a9450c0822b8975f270
ep_bytes: ff250020400000000000000000000000
timestamp: 2002-07-29 10:07:16

Version Info:
CompanyName: Adobe Inc
FileDescription: Adobe Download Manager
FileVersion: 2.0.0.604s
InternalName: Adobe Download Manager
LegalCopyright: Copyright 2019 Adobe Inc. All rights reserved.
OriginalFilename: Adobe Download Manager
ProductName: Adobe Download Manager
ProductVersion: 2.0.0.604s
Translation: 0x0409 0x04b0

Trojan:MSIL/SpyNoon.SMD!MTB also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen15.57956
MicroWorld-eScan	Trojan.GenericKD.38138298
FireEye	Generic.mg.92d02811b6b1e9eb
ALYac	Trojan.GenericKD.38138298
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.3632852
K7AntiVirus	Trojan ( 0058b16a1 )
Alibaba	TrojanSpy:MSIL/SpyNoon.5995c0f6
K7GW	Trojan ( 0058b16a1 )
CrowdStrike	win/malicious_confidence_90% (W)
BitDefenderTheta	Gen:NN.ZemsilCO.34084.Bn0@ayLFVRpi
Cyren	W32/MSIL_Agent.CFH.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.ADOU
TrendMicro-HouseCall	TROJ_GEN.R011C0WL221
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.MSIL.Noon.gen
BitDefender	Trojan.GenericKD.38138298
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Trojan.GenericKD.38138298
TrendMicro	TROJ_GEN.R011C0WL221
McAfee-GW-Edition	GenericRXQX-MV!92D02811B6B1
Emsisoft	Trojan.GenericKD.38138298 (B)
Ikarus	Trojan.MSIL.Crypt
Avira	TR/Kryptik.vvzkt
Antiy-AVL	Trojan/Generic.ASMalwS.34E29E4
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:MSIL/SpyNoon.SMD!MTB
GData	Trojan.GenericKD.38138298
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4799347
McAfee	GenericRXQX-MV!92D02811B6B1
MAX	malware (ai score=82)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.663328316
APEX	Malicious
Yandex	Trojan.Kryptik!CAVcqB8ZwAM
SentinelOne	Static AI – Malicious PE
Fortinet	PossibleThreat.ZDS
AVG	Win32:MalwareX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Trojan:MSIL/SpyNoon.SMD!MTB?

Trojan:MSIL/SpyNoon.SMD!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X