Win32/Injector.ITQ removal guide

Win32/Injector.ITQ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.ITQ virus do?

  • Executable code extraction
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Win32/Injector.ITQ?

File Info:

crc32: 5870A0F3
md5: a5b9c017aa410b35edb660068633c3ca
name: A5B9C017AA410B35EDB660068633C3CA.mlw
sha1: 159ebe1c73c6542aac696b8e17a3377cb042e42c
sha256: c38a8b995d9ee6ab8ff2c8e9c44706428afa6a40a13089ef57229dcb0020078e
sha512: 19cdf48f50823c05799bcee24bcb0153b15089fe5ad0b12edf0660c492344e2f0b9710f6fcb9d9e9b6f6eb3b1d400ae36a71f2a426bfb13c5d9615def86ddd91
ssdeep: 12288:nelgUBvhnkV9RwEeCissSSkQUn4OIrFsLyZKvOfWFgWzzAbmOH4wN:nelH8V9Rw95sfBCBixvPzeH4i
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2010
InternalName: java
FileVersion: 6.0.220.4
Full Version: 1.6.0_22-b04
CompanyName: Sun Microsystems, Inc.
ProductName: Java(TM) Platform SE 6 U22
ProductVersion: 6.0.220.4
FileDescription: Java(TM) Platform SE binary
OriginalFilename: java.exe
Translation: 0x0000 0x04b0

Win32/Injector.ITQ also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus Trojan ( 0000fe381 )
Elastic malicious (high confidence)
DrWeb Trojan.MulDrop3.17047
Cynet Malicious (score: 100)
Cylance Unsafe
Zillya Trojan.Injector.Win32.414213
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Alibaba Ransom:Win32/Blocker.05705886
K7GW Trojan ( 0000fe381 )
Cybereason malicious.c73c65
Cyren W32/VBcrypt.T.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Injector.ITQ
APEX Malicious
Avast Win32:VB-YLY [Trj]
Kaspersky Trojan-Ransom.Win32.Blocker.jidn
NANO-Antivirus Trojan.Win32.Drop.efwwwu
Tencent Win32.Trojan.Blocker.Lnob
Sophos Mal/Generic-S
Comodo TrojWare.Win32.VBInject.IK@1qsu2f
BitDefenderTheta Gen:NN.ZevbaF.34058.Km1@aexwLzBG
VIPRE LooksLike.Win32.Malware!vb (v)
McAfee-GW-Edition BehavesLike.Win32.Spyeye.hc
FireEye Generic.mg.a5b9c017aa410b35
SentinelOne Static AI – Malicious PE
Jiangmin Trojan.Blocker.qax
Avira TR/Dropper.Gen
eGambit Generic.Malware
Antiy-AVL Trojan/Generic.ASMalwS.1894366
Microsoft VirTool:Win32/VBInject.gen!DM
ZoneAlarm Trojan-Ransom.Win32.Blocker.jidn
McAfee PWS-Spyeye.aj
MAX malware (ai score=99)
VBA32 BScope.Trojan.Diple
Panda Trj/CI.A
Rising Trojan.VBInject!1.6541 (CLASSIC)
Yandex Trojan.GenAsa!qkGx8kdXOL8
Ikarus Virus.Win32.VBInject
Fortinet W32/Refroso.DZP!tr
AVG Win32:VB-YLY [Trj]
Paloalto generic.ml
Qihoo-360 Win32/Ransom.Blocker.HgIASOcA

How to remove Win32/Injector.ITQ?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
