MSIL/Injector.VSJ removal guide

The MSIL/Injector.VSJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Injector.VSJ virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous binary characteristics

How to determine MSIL/Injector.VSJ?


File Info:
name: 4C157AFCEF2287165C47.mlw
path: /opt/CAPEv2/storage/binaries/70ff5ac54b77ce2825b589de9a022e11663f2f569a0418ffc22205f5e2727d99
crc32: BFA0581E
md5: 4c157afcef2287165c475eeec16f51c2
sha1: 8d1422d6218fbc11657a93b65393add148ea43d5
sha256: 70ff5ac54b77ce2825b589de9a022e11663f2f569a0418ffc22205f5e2727d99
sha512: cac68601e8936a5689de1f652646cf8ec5ef1b3ed4f35131b0222e895e1d9d403e1025209903fa92435d2d8ad4d80edd2936592fd431d142eb66a91568165e71
ssdeep: 1536:r4nJ66WvGW2bMFLt+FGQmjjAHQwylocJAyNs:r4nJhWvMst+g1hwyloWs
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14D432B66F3498C07C4DE4B723DF241420B708585197BDABE3CC0E059AEABB81973776A
sha3_384: bbf75051f49afd6d6b59a3fa3be5ccbc14f43db75f73339a03dc80750214f0ae455bc3e2e086552c6e0f92fd424c4458
ep_bytes: ff250020001000000000000000000000
timestamp: 2020-09-19 01:57:39

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: AlienRunPE
FileVersion: 1.0.0.0
InternalName: AlienRunPE.dll
LegalCopyright: Copyright ©  2020
LegalTrademarks: 
OriginalFilename: AlienRunPE.dll
ProductName: AlienRunPE
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Injector.VSJ also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (moderate confidence)
DrWeb	Trojan.InjectNET.17
MicroWorld-eScan	Gen:Heur.MSIL.Krypt.6
ALYac	Gen:Heur.MSIL.Krypt.6
Malwarebytes	Generic.Malware/Suspicious
Zillya	Trojan.Injector.Win32.775469
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0050bedf1 )
Alibaba	Trojan:MSIL/RemLoader.fd9afd4e
K7GW	Trojan ( 0050bedf1 )
Cybereason	malicious.6218fb
Cyren	W32/MSIL_Troj.C.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Injector.VSJ
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Heur.MSIL.Krypt.6
NANO-Antivirus	Trojan.Win32.Krypt.hxbmnx
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan.Generic.Iqil
Emsisoft	Gen:Heur.MSIL.Krypt.6 (B)
F-Secure	Trojan.TR/Injector.fbrwr
VIPRE	Gen:Heur.MSIL.Krypt.6
McAfee-GW-Edition	BehavesLike.Win32.Generic.qh
FireEye	Generic.mg.4c157afcef228716
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Injector
GData	Gen:Heur.MSIL.Krypt.6
Avira	TR/Injector.fbrwr
Antiy-AVL	Trojan/MSIL.Injector
Xcitium	Malware@#2ipa8xyp8keey
Arcabit	Trojan.MSIL.Krypt.6
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:MSIL/RemLoader!MTB
Google	Detected
VBA32	Trojan.MSIL.DiscoStealer.Heur
MAX	malware (ai score=86)
Cylance	unsafe
Panda	Trj/CI.A
Rising	Trojan.RemLoader!8.11E5C (CLOUD)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Injector.UWS!tr
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove MSIL/Injector.VSJ?

MSIL/Injector.VSJ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X