MSIL/DllInject.AQB potentially unsafe information

The MSIL/DllInject.AQB potentially unsafe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/DllInject.AQB potentially unsafe virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine MSIL/DllInject.AQB potentially unsafe?


File Info:
name: D2E6A0421DDC4BB7660D.mlw
path: /opt/CAPEv2/storage/binaries/5cdb1a365b053c6c45a65381ebb65bb47caa20554cb67d57229be224ece1e355
crc32: FA3B607C
md5: d2e6a0421ddc4bb7660d84342ccf178d
sha1: 3e1fb5283862514631203a0e6b5d74c398247711
sha256: 5cdb1a365b053c6c45a65381ebb65bb47caa20554cb67d57229be224ece1e355
sha512: d14d85d8f3fb2114815d6223d40c276b159b3006061fb7f93f479e79dfd18174bd37b24bbaabbabe26debc1b31264f5c2b50146f3429669bfffa69911793a57f
ssdeep: 384:m+BGOq8Vg6hYzyyL/bbzyxh2k3mfmmmXXvVTmgzaJ2GgcM4b1FyIjyjOv6e8OYja:m+wOqoEVjRfmmmv5WJGLHqyq3t
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T117C22A0677FC2662F8BE4BBDD075366007B1F2E25A22C71D0CC8A1AD1915BE14B12B7B
sha3_384: 3a5d8ac2792317705dc79ce01e70184147d859b1f950aa0d83fa9ed81f00ee0841d6fb7fcb00d4ba1e2ad3660218da55
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2020-10-06 04:50:58

Version Info:
Translation: 0x0000 0x04b0
Comments: GoogleUpdateTaskMachineUA, GoogleUpdateTaskMachineUA
CompanyName: GoogleUpdateTaskMachineUA, GoogleUpdateTaskMachineUA
FileDescription: GoogleUpdateTaskMachineUA, GoogleUpdateTaskMachineUA
FileVersion: 1.0.0.0
InternalName: svchost.exe
LegalCopyright: GoogleUpdateTaskMachineUA, GoogleUpdateTaskMachineUA
LegalTrademarks: 
OriginalFilename: svchost.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/DllInject.AQB potentially unsafe also known as:

Lionic	Trojan.Win32.Variadic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.Variadic.A.348.1
FireEye	Gen:Heur.Variadic.A.348.1
McAfee	Artemis!D2E6A0421DDC
Malwarebytes	Trojan.Injector
VIPRE	Gen:Heur.Variadic.A.348.1
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Unwanted-Program ( 0056ee5c1 )
K7GW	Unwanted-Program ( 0056ee5c1 )
Cybereason	malicious.21ddc4
Cyren	W64/ABRisk.KXHB-3325
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of MSIL/DllInject.AQB potentially unsafe
BitDefender	Gen:Heur.Variadic.A.348.1
Avast	Win64:MiscX-gen [PUP]
Emsisoft	Gen:Heur.Variadic.A.348.1 (B)
McAfee-GW-Edition	Artemis!Trojan
Sophos	Troj/Inject-IUS
GData	Gen:Heur.Variadic.A.348.1
Arcabit	Trojan.Variadic.A.348.1
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
AhnLab-V3	Malware/Gen.RL_Reputation.C4314835
ALYac	Gen:Heur.Variadic.A.348.1
MAX	malware (ai score=82)
VBA32	CIL.StupidStealth.Heur
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09DM23
Ikarus	PUA.MSIL.Dllinject
MaxSecure	Trojan.Malware.128202536.susgen
Fortinet	Adware/DllInject
AVG	Win64:MiscX-gen [PUP]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove MSIL/DllInject.AQB potentially unsafe?

MSIL/DllInject.AQB potentially unsafe removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X