How to remove “TrojanSpy:MSIL/AgentTesla.PBU!MTB”?

TrojanSpy:MSIL/AgentTesla.PBU!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanSpy:MSIL/AgentTesla.PBU!MTB virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine TrojanSpy:MSIL/AgentTesla.PBU!MTB?


File Info:

crc32: B4CDE7F7
md5: 39d3099031c4b05f252b15ab020dfb03
name: upload_file
sha1: 57ac4bce3977ec20ed1e3ba3c395cc566255d5a4
sha256: 3a43ed9791f2cf89b57d2ea8dbc4829086569175102b2e17001e2874a7ac401d
sha512: 34d6aa42b85bbf30079181f3cfba01a918b12ef60faa663f209aecdebac1b3695ce8fbc2942ce266b2b5dbf0d4fd9a7e9b6c71f4305f0b985d5f026794b276a5
ssdeep: 12288:ZRZ/+qrS/i9ZIo8/vRPwyGB2qvP3dhD1r6VHmzAx9G:pBWxo8/v+y+2qv/dhDh6VOA
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2018
Assembly Version: 1.0.0.0
InternalName: MC8.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: RGB Fusion
ProductVersion: 1.0.0.0
FileDescription: RGB Fusion
OriginalFilename: MC8.exe

TrojanSpy:MSIL/AgentTesla.PBU!MTB also known as:


How to remove TrojanSpy:MSIL/AgentTesla.PBU!MTB?

TrojanSpy:MSIL/AgentTesla.PBU!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
