MSIL/Injector.NOD removal

The MSIL/Injector.NOD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Injector.NOD virus can do?

The binary likely contains encrypted or compressed data.
.NET file is packed/obfuscated with SmartAssembly
Authenticode signature is invalid

How to determine MSIL/Injector.NOD?


File Info:
name: 1C83A061388BEDB6DB2F.mlw
path: /opt/CAPEv2/storage/binaries/81330aa14a54f8f7a140d53a85bdd640c6979f4df3bf0c94083956a8a14d1823
crc32: 44833891
md5: 1c83a061388bedb6db2f1d3ed0e91608
sha1: 9fedc5df1c402ad14f0dfe7b06478733eccc51a5
sha256: 81330aa14a54f8f7a140d53a85bdd640c6979f4df3bf0c94083956a8a14d1823
sha512: 0995f2c7546d04ab15506ba65b25100b0b2e8fc8b9278584184501045063fefd8d8cc4a55f5eaa688c87c2a148ec5c568ccfad1a58b3a60c8d26a9aadf57eb22
ssdeep: 6144:liurKp0vHXqjli1+JkMcE2rLUqPECx6itc:9Y0PX+lVzVy64c
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1702423BCCF4DEDDCD06DA13F49935967CA1F6ABB0D9056ED4E099A21FFA4120E2102D2
sha3_384: a763199ad477c156ad002dff86e13e05744db786f00632c9beac6e7bf307760f0b05d47aae1a2b6013a818444c7b23ca
ep_bytes: 
timestamp: 2015-12-29 06:42:55

Version Info:
0: [No Data]

MSIL/Injector.NOD also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	Trojan.GenericKD.39636163
FireEye	Trojan.GenericKD.39636163
Sangfor	Trojan.Win32.Wacatac.B
Alibaba	Trojan:MSIL/Injector.f7e75bae
CrowdStrike	win/malicious_confidence_100% (D)
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of MSIL/Injector.NOD
APEX	Malicious
BitDefender	Trojan.GenericKD.39636163
Ad-Aware	Trojan.GenericKD.39636163
Emsisoft	Trojan.GenericKD.39636163 (B)
Comodo	Heur.Corrupt.PE@1z141z3
McAfee-GW-Edition	Artemis!Trojan
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.MSIL.Injector
GData	MSIL.Trojan.Dylope.B
Arcabit	Trojan.Generic.D25CCCC3
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
ALYac	Trojan.GenericKD.39636163
MAX	malware (ai score=84)
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/NOD!tr

How to remove MSIL/Injector.NOD?

MSIL/Injector.NOD removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X