Application.KeyLogger.Hgzvip.C removal guide

Application.KeyLogger.Hgzvip.C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Application.KeyLogger.Hgzvip.C virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Application.KeyLogger.Hgzvip.C?

File Info:

name: 941C083AB339573CF7DB.mlw
path: /opt/CAPEv2/storage/binaries/20ee65c1b6fd9ccf6e616a87edbb47d59c8e7a9fb1ed31eb41e5c2ead3076d29
crc32: 159E6118
md5: 941c083ab339573cf7dbd3f9c0e360fa
sha1: e7a0739d8d41bf461d0d07c59e5b621525bb1a5e
sha256: 20ee65c1b6fd9ccf6e616a87edbb47d59c8e7a9fb1ed31eb41e5c2ead3076d29
sha512: c0bed62c4f16dc0e2616679b768fdb19550bad8013b32769c5534c3aac69d023dbbe429a4a9ef5d42e5bf9a6aeee24c1f03b06bb1ea11eac6428d07758f46f22
ssdeep: 196608:zDFoBU8EpVS9uZ1BKKIKo32Zfc1eQOTP1i0dfxk70Mkb9C:PFtVSGKaaXO71L1EMQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1797633415290E43BC0C89AB09D1AC4ED48B5FECDDF5E2021E10DE97B7B56EB9583931E
sha3_384: 36f203e24c6f64456697756fb5b020f332691535bb901aef523f4d640c84da72a00c90fe5bf3724f7cedc0d11e3e84bc
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: System Sll
FileDescription: 远程管理系统员工端 为避免用户多次重复安装不同目录,故统一安装在C盘,不同意请取消安装 Setup
FileVersion: 6.6
LegalCopyright: Copyright© 2014-2018
ProductName: 远程管理系统员工端 为避免用户多次重复安装不同目录,故统一安装在C盘,不同意请取消安装
ProductVersion: 6.6.0.0
Translation: 0x0000 0x04b0

Application.KeyLogger.Hgzvip.C also known as:

Lionic: Riskware.Win32.KeyLogger.1!c
FireEye: Application.KeyLogger.Hgzvip.C
ALYac: Application.KeyLogger.Hgzvip.C
Cylance: Unsafe
Alibaba: RiskWare:Win32/HgzMon.900d9a6a
Symantec: PUA.Gen.2
ESET-NOD32: multiple detections
Paloalto: generic.ml
Kaspersky: not-a-virus:HEUR:Monitor.Win32.HgzMon.gen
BitDefender: Application.KeyLogger.Hgzvip.C
Emsisoft: Application.KeyLogger.Hgzvip.C (B)
McAfee-GW-Edition: Artemis!PUP
Sophos: Generic PUA OH (PUA)
GData: Application.KeyLogger.Hgzvip.C
Jiangmin: Monitor.HgzMon.e
Antiy-AVL: Trojan/Generic.ASMalwS.2EA69F9
Gridinsoft: Ransom.Win32.Gen.sa
ViRobot: Adware.Hgzvip.7404376
Microsoft: PUA:Win32/CoinMiner
McAfee: Artemis!941C083AB339
MAX: malware (ai score=89)

How to remove Application.KeyLogger.Hgzvip.C?

Application.KeyLogger.Hgzvip.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
