Trojan.Win32.Inject removal instructions

Trojan.Win32.Inject is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Inject virus do?

  • Presents an Authenticode digital signature
  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Japanese
  • Network activity detected but not expressed in API logs

How to identify Trojan.Win32.Inject?

File Info:

name: winmostar0_setup_7.028_jp.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive

Version Info:

LegalCopyright: (C)1997-2001 K.Miyauchi
InternalName: CabStub
FileVersion: 1, 0, 4, 0
CompanyName: LightShip Software
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: Cab32
SpecialBuild:
ProductVersion: 1, 0, 4, 0
FileDescription: CabSfx Stub Module
OriginalFilename: CabStub
Translation: 0x0411 0x04b0

Trojan.Win32.Inject is also known as:

CAT-QuickHeal: Trojan.Presenoker
McAfee: Artemis!92DE29C19C25
Kaspersky: HEUR:Trojan.Win32.Inject.gen
AegisLab: Trojan.Win32.Inject.4!c
McAfee-GW-Edition: Artemis
Jiangmin: AdWare.Generic.phwh
eGambit: Unsafe.AI_Score_99%
ZoneAlarm: HEUR:Trojan.Win32.Inject.gen
TrendMicro-HouseCall: TROJ_GEN.R002H07E320
Ikarus: Trojan.Win32.Meterpreter
Panda: Trj/CI.A

How to remove Trojan.Win32.Inject?

Trojan.Win32.Inject removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
