Short bio

Backdoor.Neutrino is the detection name for the Trojan that is the payload dropped by the Neutrino exploit kit.

Type and source of infection

This backdoor is typically dropped by the Neutrino EK. Categorized as a Trojan, obfuscating its true purpose, the backdoor allows threat actors to download and execute more malware on the infected system.


Malwarebytes protects users from Backdoor.Neutrino by using its real-time protection module—if our anti-exploit technology doesn’t block the Neutrino EK first.

block Backdoor.Neutrino

Malwarebytes blocks Backdoor.Neutrino

Home remediation

Malwarebytes can detect and remove Backdoor.Neutrino without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click MBSetup.exe and follow the prompts to install the program.
  3. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
  4. Click on the Get started button.
  5. Click Scan to start a Threat Scan.
  6. Click Quarantine to remove the found threats.
  7. Reboot the system if prompted to complete the removal process.

Business remediation

How to remove Backdoor.Neutrino with the Malwarebytes Nebula console

You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.

endpoint menu Nebula endpoint tasks menu

Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.

Nebula detections

On the Quarantine page you can see which threats were quarantined and restore them if necessary.

Nebula Quarantaine

Select your language