About “Win32/Packed.Asprotect.IE” infection

The Win32/Packed.Asprotect.IE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Packed.Asprotect.IE virus can do?

• Executable code extraction
• Creates RWX memory
• Unconventionial language used in binary resources: Russian
• The binary likely contains encrypted or compressed data.
• Queries information on disks, possibly for anti-virtualization
• Checks for the presence of known devices from debuggers and forensic tools
• Anomalous binary characteristics

How to determine Win32/Packed.Asprotect.IE?

File Info:
crc32: 4D347764
md5: 3ec286213e2f2dc94181518140308e25
name: generator.exe
sha1: 727300bf5e39adefa1053ed1e3584202ab05ff45
sha256: 38328c02c5d1e6b20bd85d64947bbe0cd44b384e744f82090a9df3bb2756f104
sha512: 89e1a75f21f35ada8d696d92c46557c9104e60910ff27a7bd755a7cdb9bdcaa1eae191d7ff78f2f6ac689dd677fe852dbd6c2c6af950e118a7a35001bfaf2f17
ssdeep: 6144:r3SZtgdXUl9L0P6SYrd5NffKx/8GcsMBvMCmJpmypuF:rSgm0P6pV+esTCm3gF
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Packed.Asprotect.IE also known as:

How to remove Win32/Packed.Asprotect.IE?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.