VirTool:MSIL/Injector.gen!B Description

VirTool:MSIL/Inject.gen!B is a malware infection that is known to be an injector. VirTool:MSIL/Inject.gen!B is generated using MSIL (Microsoft Intermediate Language) and it permits it to inject a code into an already running process. VirTool:MSIL/Inject.gen!B is a very sly application, because it is able to bypass detection of security programs by injecting a specific payload into an already running process. Thus, VirTool:MSIL/Inject.gen!B can run in the background of the computer system. VirTool:MSIL/Inject.gen!B is used by various malware threats as a shield that makes them resistant to security software investigation. Therefore, there are no definite symptoms that would specify VirTool:MSIL/Inject.gen!B. The only symptom that would specify VirTool:MSIL/Injector.gen!B existing on your machine is running of certain processes in your Windows Task Manager. Usually, VirTool:MSIL/Inject.gen!B comes in a compressed malicious file that is saved in another program. VirTool:MSIL/Inject.gen!B might come bundled with a shareware program that you download on the Internet. Once VirTool:MSIL/Inject.gen!B corrupts your computer system, it injects itself into a legitimate process and loads new processes created by itself. Eliminate VirTool:MSIL/Injector.gen!B immediately after detection.

Aliases: Dropper.Generic3.BLWL [AVG], W32/Jorik_Shakblades.PC!tr [Fortinet], Trojan.Win32.Generic.128B876F, a variant of MSIL/Injector.HN, Trojan.Jorik.Shakblades.pc, Win-Trojan/Jorik.847872.B [AhnLab-V3], Win32.Troj.Jorik.pc.(kcloud), Trojan/Jorik.gni, Trojan.Generic.KDV.208416 (B), TR/Downloader.Gen [AntiVir], Trojan.Siggen2.29878 [DrWeb], Trojan.Shakblades!dpkbKP3j51c, Trojan.Win32.Jorik.Shakblades.pc [Kaspersky], TROJ_SPNR.06EJ11 and W32/Suspicious_Gen2.MBLYS.

Technical Information

File System Details

VirTool:MSIL/Injector.gen!B creates the following file(s):
# File Name Size MD5 Detection Count
1 %WINDIR%fgccsrt.exe 71,513 ab07589d00226735ce99567b46dbef40 33
2 %WINDIR%\SYSTEM32\Beaches Resorts Screensaver.scr 357,376 bd26ec4ce2fe06e4e3965c1c75a9a932 12
3 %SystemDrive%\iTunes\iTunesHelper.exe 819,712 8417966b13470608e7e761c45e814ed9 7
4 %ALLUSERSPROFILE%\Application Data\QuestScan\questscan185.exe 36,864 d1bde2911ad8f0054b97e687486cef60 6
5 %ALLUSERSPROFILE%\BPK\pfklgrwb.dll 504,832 e56563e94a1579c9c4a6cd732ad00f1c 5
6 %WINDIR%\System32\drivers\netbt.sys 162,816 b73363ce3e2e31f75783d1e3f40bb214 5
7 %USERPROFILE%\My Documents\Downloads\devede-3.16.exe 489,315 90ccaf9d66ccad3350af6d7522abb0d5 5
8 %PROGRAMFILES%\Yahoo!\007install-dep.exe 1,844,746 1b968c1f5f3f5d52ba3d8bbc4163c529 4
9 %SystemDrive%\DS\dskl.exe 391,680 71bace3dcdaa25280febedd5117ca09b 4
10 %PROGRAMFILES%\lg_swupdate\Gilautouc.exe 708,608 6cc5c8617784b0c2216dc77f80bc6b66 3
11 %WINDIR%kdhr.exe 66,044 44b2654aae45b00ede0912d683cc7c8a 3
12 %ALLUSERSPROFILE%\Application Data\QuestBrwSearch\questbrowse199.exe 26,112 1d2ede1e5b6fb6dd4b5189f5bb58a825 2
13 %WINDIR%\System32\drivers\csc.sys 388,096 ffba98bd5ee4093bded74c79a9e46f97 2
14 %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\IMVU Credit Generator.exe 741,376 976a55ace6538a2538062e250e225eac 2
15 %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\keygen.exe 847,872 fa46a3e45969853c6bba3497efc5abe8 2
16 %WINDIR%\system32\KAward\wak.exe 3,297,280 c0729bc23019e472f4b19b8f2fbfa41f 1
17 %PROGRAMFILES%\ScanQuery\scanquery.dll 585,728 fe9aa2d11fe7a14122389f369a9a596d 1
18 %WINDIR%\SysWOW64\KAward\aklservice.exe 106,496 a2f1d51291bf25559e8bdd9e8b2d5c2a 1
19 install.exe N/A
20 questbrowse199.exe N/A
21 csc.sys N/A
More files

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.