Should I remove “Trojan.Win32.Runner.izf”?

Trojan.Win32.Runner.izf is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Runner.izf virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Detected script timer window indicative of sleep style evasion
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

lu1.asia
asu04.shop
asu03.xyz
lu0.viewdns.net

How to determine Trojan.Win32.Runner.izf?


File Info:

crc32: C5820B64
md5: af8ae6c1f2859cc139cd176a6656a855
name: AF8AE6C1F2859CC139CD176A6656A855.mlw
sha1: 161e2d577b418eaa94bf1959a634956b75d7922b
sha256: 22934e006b3f1b8225c51a93ce0acaa1874c4f1dc895fa1664bdf16b0065d2e7
sha512: a80672ea1f49ebaeaf5b850377ee346e7953bf6379a79db91b826ba2249a66424b0f1be189351dc86088ff9efd72142a46f6d4bff2c5dc7271a4db22c10bcd1e
ssdeep: 48:6Su+fLAYSDnTGUJAZqDaKSP2M204xogAYSDnTGUJA17GUFyLaaualaBSh:9LUYDUqZl2JxGYDU+5G3WpeaA
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Trojan.Win32.Runner.izf also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Runner
ALYac: Trojan.GenericKD.46548243
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Trojan:Win32/Runner.e9a23bfe
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.77b418
Symantec: Trojan Horse
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.Win32.Runner.izf
BitDefender: Trojan.GenericKD.46548243
MicroWorld-eScan: Trojan.GenericKD.46548243
Ad-Aware: Trojan.GenericKD.46548243
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34790.aiW@aOSgj0h
TrendMicro: TROJ_GEN.R002C0PG421
McAfee-GW-Edition: RDN/Generic.grp
FireEye: Generic.mg.af8ae6c1f2859cc1
Emsisoft: Trojan.GenericKD.46548243 (B)
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Trojan.Gen
Avira: TR/Runner.anoxr
eGambit: Unsafe.AI_Score_99%
Kingsoft: Win32.Troj.Runner.i.(kcloud)
Microsoft: TrojanDownloader:Win32/Aicat.A!ml
GData: Trojan.GenericKD.46548243
AhnLab-V3: Trojan/Win.Generic.R428485
McAfee: RDN/Generic.grp
MAX: malware (ai score=87)
VBA32: Trojan.Runner
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PG421
Ikarus: Trojan-Downloader.Lu0bot
MaxSecure: Trojan.Malware.119277677.susgen
Fortinet: PossibleThreat.MU
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Heur.Generic.HxQBOrsA

How to remove Trojan.Win32.Runner.izf?

Trojan.Win32.Runner.izf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
