About “MSIL/Injector.USG” infection

The MSIL/Injector.USG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Injector.USG virus can do?

Network activity detected but not expressed in API logs

How to determine MSIL/Injector.USG?


File Info:
crc32: 005C10CB
md5: 8752f3970c489ceecc4d411f0443176b
name: readme.exe
sha1: cea2ece9345832c4b2f4e4e1a1c9b376ae4e566b
sha256: 9694d3317d0df9defdc19d192c7296b4d7c28a403ff477b7de16c67d3c1752ed
sha512: 002d9966e91c7a68ea745c4e794356f4e1dda6662c13c5c162ca764fc3cd1faf4f80282098cd13225fe9157de7378f46824145011eda06dac003aa1ec1042660
ssdeep: 12288:iuAC4erveUJf48ueMhOS7ftES/kkkkkkk:iharrd48uQS5E
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 1999 - 2019
Assembly Version: 0.0.0.0
InternalName: nostartup.exe
FileVersion: 5.8.10.13
CompanyName: 2p=A}8YaZi9&7MqW
Comments: L&p6+4HsFm8_q
ProductName: Dp8+f3H7NzA2i=%T
ProductVersion: 5.8.10.13
FileDescription: Dp8+f3H7{NzA2i=%T
OriginalFilename: nostartup.exe

MSIL/Injector.USG also known as:

FireEye	Generic.mg.8752f3970c489cee
Cylance	Unsafe
Sangfor	Malware
Cybereason	malicious.934583
BitDefenderTheta	Gen:NN.ZemsilF.34090.Rm0@aK1UaYi
Symantec	ML.Attribute.HighConfidence
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.MSIL.Quasar.gen
APEX	Malicious
Invincea	heuristic
Trapmine	malicious.high.ml.score
SentinelOne	DFI – Malicious PE
Endgame	malicious (high confidence)
ZoneAlarm	HEUR:Trojan-Spy.MSIL.Quasar.gen
AhnLab-V3	Trojan/Win32.MSIL.R325908
Malwarebytes	Trojan.PCrypt.MSIL.Generic
ESET-NOD32	a variant of MSIL/Injector.USG
Ikarus	Trojan.Inject
eGambit	Unsafe.AI_Score_98%
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	HEUR/QVM03.0.3E57.Malware.Gen

How to remove MSIL/Injector.USG?

MSIL/Injector.USG removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X