Win32/Injector.AYGW removal guide

Win32/Injector.AYGW is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.AYGW virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • Executed a process and injected code into it, probably while unpacking
  • Likely installs a bootkit via raw harddisk modifications
  • Creates a copy of itself
  • Anomalous binary characteristics

How to determine Win32/Injector.AYGW?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Injector.AYGW also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 7000000f1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MBRlock.6
Cynet: Malicious (score: 90)
CAT-QuickHeal: Trojan.Ransom.A
ALYac: Trojan.Ransom.GenericKD.43273150
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.1058198
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Genasom.8bc7b4d6
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.ed862c
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.AYGW
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.GenericKD.43273150
NANO-Antivirus: Trojan.Win32.Mbro.ctthnw
MicroWorld-eScan: Trojan.Ransom.GenericKD.43273150
Tencent: Win32.Trojan.Generic.Ajlc
Ad-Aware: Trojan.Ransom.GenericKD.43273150
Sophos: Mal/Generic-S
Comodo: Malware@#1bwz2aqdl8rt4
BitDefenderTheta: Gen:NN.ZelphiF.34670.jGW@aGPgTycc
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: GenericRXIU-UT!E834330ED862
FireEye: Generic.mg.e834330ed862cd47
Emsisoft: Trojan.Ransom.GenericKD.43273150 (B)
Jiangmin: Trojan.Generic.aijox
Avira: DR/Delphi.Gen8
Microsoft: Ransom:Win32/Genasom.JJ
Arcabit: Trojan.Ransom.Generic.D2944BBE
GData: Trojan.Ransom.GenericKD.43273150
AhnLab-V3: Trojan/Win32.Ransom.C425795
McAfee: GenericRXIU-UT!E834330ED862
MAX: malware (ai score=89)
VBA32: BScope.Backdoor.Zegost
Panda: Generic Malware
Rising: Ransom.PornoAsset!8.6AA (CLOUD)
Yandex: Trojan.Mbro!RwixNjv/5CU
Ikarus: Trojan.Win32.Ransom
Fortinet: W32/Delf.DS!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/TrojanDropper.Generic.HwUBskUA

How to remove Win32/Injector.AYGW?

Win32/Injector.AYGW removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
