Trojan:MSIL/Xlceint.A!bit removal

Malware Removal

The Trojan:MSIL/Xlceint.A!bit is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan:MSIL/Xlceint.A!bit virus can do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Attempts to connect to a dead IP:Port (5 unique times)
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Performs some HTTP requests
  • Looks up the external IP address
  • Attempts to create or modify system certificates
  • Collects information to fingerprint the system

Related domains:

api.ipify.org
freegeoip.net
musicnote.soundcast.me

How to determine Trojan:MSIL/Xlceint.A!bit?


File Info:

crc32: D362798A
md5: 742d07180cb13ef49af926500163da5d
name: 742D07180CB13EF49AF926500163DA5D.mlw
sha1: a540ac29563ddeb948a36e2d18822f568f466b44
sha256: 22bc08e20863b17e90450407d165aabb2f629fd3e92f58b9edee1b2093290413
sha512: 673a8398777df141a08e77747b3e47a05ccde3f41181781fbad7ce70eaba1c5f0b6df29c58c73c06e8811367c9e46e4257e18307b8a1716ca64d940a0b87d70e
ssdeep: 3072:Ro7lYJHuSHgB24gY+KUXCGGIGPOXLEoV8wpBG+/F0WUkQ5A725OVd+XBbq/Z+en:+7lRw4W04V8CBG+bU87Zgbq/4e4
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: Client.exe
FileVersion: 0.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: Client.exe

Trojan:MSIL/Xlceint.A!bit also known as:

K7AntiVirusTrojan ( 004c73101 )
LionicTrojan.MSIL.Quasar.m!c
Elasticmalicious (high confidence)
DrWebTrojan.DownLoader25.54109
ClamAVWin.Packed.Downeks-9804522-0
CAT-QuickHealBackdoor.MSIL
ALYacTrojan.GenericKD.37226915
MalwarebytesBackdoor.Agent.CLN
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaBackdoor:MSIL/Xlceint.60c1f4f2
K7GWTrojan ( 004c73101 )
Cybereasonmalicious.80cb13
CyrenW32/Trojan.SW.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/Agent.AAZ
APEXMalicious
AvastWin32:RATX-gen [Trj]
CynetMalicious (score: 100)
KasperskyHEUR:Backdoor.MSIL.Quasar.gen
BitDefenderTrojan.GenericKD.37226915
ViRobotTrojan.Win32.Z.Agent.300544.EAJ
MicroWorld-eScanTrojan.GenericKD.37226915
TencentMsil.Backdoor.Quasar.Aexx
Ad-AwareTrojan.GenericKD.37226915
SophosMal/Generic-S
BitDefenderThetaGen:NN.ZemsilF.34796.sm0@aqBtHzi
TrendMicroTROJ_GEN.R002C0DGB21
McAfee-GW-EditionGenericRXDN-NO!742D07180CB1
FireEyeGeneric.mg.742d07180cb13ef4
EmsisoftTrojan.GenericKD.37226915 (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojanSpy.MSIL.snz
WebrootW32.Trojan.Gen
AviraHEUR/AGEN.1128549
eGambitTrojan.Generic
MicrosoftTrojan:MSIL/Xlceint.A!bit
ArcabitTrojan.Generic.D23809A3
GDataMSIL.Trojan-Spy.Keylogger.J
AhnLab-V3Trojan/Win32.Disfa.C2310673
McAfeeGenericRXDN-NO!742D07180CB1
MAXmalware (ai score=88)
VBA32TScope.Trojan.MSIL
PandaTrj/GdSda.A
TrendMicro-HouseCallTROJ_GEN.R002C0DGB21
YandexTrojan.Agent!FtWQ9IBNye8
IkarusBackdoor.Quasar
MaxSecureTrojan.Malware.300983.susgen
FortinetMSIL/Agent.AAZ!tr
AVGWin32:RATX-gen [Trj]
Paloaltogeneric.ml
Qihoo-360Win32/Backdoor.Quasar.HgIASYQA

How to remove Trojan:MSIL/Xlceint.A!bit?

Trojan:MSIL/Xlceint.A!bit removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment