Win32/Packed.Asprotect.JA removal

Win32/Packed.Asprotect.JA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Packed.Asprotect.JA virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional language used in binary resources: Chinese
  • The binary likely contains encrypted or compressed data.
  • Likely installs a bootkit via raw harddisk modifications
  • Queries information on disks, possibly for anti-virtualization
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Win32/Packed.Asprotect.JA?


File Info:

crc32: 1DF01C96
md5: f3940d938cea8e4e8f820ffb453c5b41
name: HDTunePro_WinXP_7.exe
sha1: 0251437bcd74e70c0c06cc90e7f8c439e7139172
sha256: dec1cbcbf31aca07765ba2f15b3d67dda92ff793b738b63ff34d37b85e6b00c9
sha512: ba8b67ebdc13b08ffff90a55e95e727195317ec5c49099b4d178e6f8fcb2b907b6db322980853e197b440f879afdb0d89b52d2ad92036a6d7d424e1a4277d47a
ssdeep: 24576:yQ+DwEXT2NNnHxWGK/cRgOnmq9g6FB36rKX6vaW0xr:yxDwEXTYHwdcOU7m6flp1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2015
InternalName: HD Tune Pro
FileVersion: 5, 6, 0, 0
CompanyName: EFD Software
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: HD Tune Pro
SpecialBuild:
ProductVersion: 5, 6, 0, 0
FileDescription: HD Tune Pro
OriginalFilename: HDTunePro.EXE
Translation: 0x0004 0x03a8

Win32/Packed.Asprotect.JA also known as:

McAfee: Artemis!F3940D938CEA
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
ESET-NOD32: a variant of Win32/Packed.Asprotect.JA
APEX: Malicious
Paloalto: generic.ml
ViRobot: Trojan.Win32.S.Agent.1227264.C
Zillya: Trojan.Agent.Win32.816492
McAfee-GW-Edition: BehavesLike.Win32.Spyware.th
Fortinet: W32/Agent.NFAQDG!tr
Trapmine: malicious.high.ml.score
Ikarus: Trojan.Win32.Agent
Jiangmin: Trojan.Agent.axyq
Webroot: W32.AGent.nfaqdg
MAX: malware (ai score=95)
Antiy-AVL: Trojan/Win32.Agent
AhnLab-V3: Trojan/Win32.Agent.C2079854
VBA32: Trojan.Agent
MaxSecure: Trojan.Malware.7164915.susgen

How to remove Win32/Packed.Asprotect.JA?

Win32/Packed.Asprotect.JA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
