Should I remove “Win32/Injector.MZ”?

The Win32/Injector.MZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Injector.MZ virus can do?

Behavioural detection: Executable code extraction – unpacking
Authenticode signature is invalid

How to determine Win32/Injector.MZ?


File Info:
name: 4C45B8CD7EF7E8D75A6D.mlw
path: /opt/CAPEv2/storage/binaries/0891f325f38d6c867557e8b979f06c2c60a32f37be1869d78e20d5f88c7554e6
crc32: BFB5D558
md5: 4c45b8cd7ef7e8d75a6d5e73ae9e5f92
sha1: e56fe549dbaed27cb9b76e02125d08463e793ae0
sha256: 0891f325f38d6c867557e8b979f06c2c60a32f37be1869d78e20d5f88c7554e6
sha512: 7e83c771f0156168a286bf6be9839f9f122b607b33e8fc8f327997b758cf1b7892ea46dc42ab6fc86c3ef4c6e30d1ecb8ddda8c84cffca9ce4fb74e667cf2bf7
ssdeep: 192:WXq19UyB+9iOnGsBW4k66MNl9qpZHRJZsFUV5/VLD5Q6+bnEn:Aq1eyUYLsBWXpQqpZHRJWFUtD5QVbEn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C092A513F79D5A62F1950A710C7BC3E55A267CA66F134A0B39543B2E2C30E009D7BB63
sha3_384: 7abb8fe05230304fb0539890db549058c1c1f124b1e65631d8e865a964a4d9294e04437729c2b294eb8213b2170d0483
ep_bytes: 6830124000e8f0ffffff000000000000
timestamp: 2009-03-29 05:25:21

Version Info:
Translation: 0x0409 0x04b0
CompanyName: VIOLINE
ProductName: fgd
FileVersion: 3.04.0002
ProductVersion: 3.04.0002
InternalName: nfeh4
OriginalFilename: nfeh4.exe

Win32/Injector.MZ also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Jaik.26012
FireEye	Generic.mg.4c45b8cd7ef7e8d7
Skyhigh	Generic VB.do
McAfee	Generic VB.do
Zillya	Trojan.VB.Win32.14628
Sangfor	Suspicious.Win32.Save.vb
Alibaba	Worm:Win32/Injector.4b42ccf3
BitDefenderTheta	AI:Packer.F80C683E1F
Symantec	Downloader
ESET-NOD32	a variant of Win32/Injector.MZ
APEX	Malicious
Kaspersky	Worm.Win32.VBNA.b
BitDefender	Gen:Variant.Jaik.26012
NANO-Antivirus	Trojan.Win32.VB.mprcv
Emsisoft	Gen:Variant.Jaik.26012 (B)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.PWS.Siggen.1098
VIPRE	Gen:Variant.Jaik.26012
Sophos	Mal/SillyFDC-G
Ikarus	Backdoor.Poison
Google	Detected
Avira	TR/Dropper.Gen
Varist	W32/Trojan.UMKP-7275
Antiy-AVL	Worm/Win32.VBNA
Kingsoft	Win32.Worm.VBNA.b
Microsoft	Trojan:Win32/Provis!rts
Xcitium	Malware@#2ch7frdyk7h3k
Arcabit	Trojan.Jaik.D659C
ZoneAlarm	Worm.Win32.VBNA.b
GData	Gen:Variant.Jaik.26012
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Poison.R630912
ALYac	Gen:Variant.Jaik.26012
Panda	Generic Malware
Rising	Worm.VBNA!8.2BE (CLOUD)
Yandex	Trojan.PWS.VB!nGUmT+zyLvk
MaxSecure	Trojan.Malware.1231436.susgen
Fortinet	W32/VBNA.B!worm
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/VBNA.b

How to remove Win32/Injector.MZ?

Win32/Injector.MZ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X