What is “Backdoor.Win32.Androm.qaxl”?

Malware Removal

The Backdoor.Win32.Androm.qaxl is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Backdoor.Win32.Androm.qaxl virus can do?

  • Unconventionial language used in binary resources: Chinese (Traditional)
  • Anomalous binary characteristics

How to determine Backdoor.Win32.Androm.qaxl?


File Info:

crc32: BE196F90
md5: a75b76fea4174c83a61cd9e970f49522
name: A75B76FEA4174C83A61CD9E970F49522.mlw
sha1: 2ae604d28f5620648b9fa89edd88c07c71642d25
sha256: 42b2f84e503000a98a9aa9f476d104389bdd766b74c3899b34a01b73138ea56d
sha512: 6fa1a1b1c9aca6a402affce7ff6ba501aa77cb8328439328182fd5dbdbf2e3f884ac24fb88f20c1fa09987131df5922490e97518278794d5b001309d139439f1
ssdeep: 3072:V6zwAVquGQVY5GCOC6QJ/oIbmARSKYQViQ1BEv0IClqEKivFbN94Sd8evpi1Tzy:Vk74JA1ARWdQS0IClqu4Ql0Y6Bv/
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0404 0x04b0
LegalCopyright: Trest_1
InternalName: Promontory
FileVersion: 1.00
CompanyName: Nicrosoft
LegalTrademarks: Trest_1
Comments: Trest_1
ProductName: Trest_1
ProductVersion: 1.00
FileDescription: Trest_1
OriginalFilename: Promontory.exe

Backdoor.Win32.Androm.qaxl also known as:

BkavW32.AIDetect.malware1
K7AntiVirusPassword-Stealer ( 004d88671 )
Elasticmalicious (high confidence)
DrWebTrojan.PWS.Stealer.23680
CynetMalicious (score: 100)
ALYacGen:Heur.PonyStealer.vm0@dqrOWQab
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaBackdoor:Win32/Fareit.20919896
K7GWPassword-Stealer ( 004d88671 )
Cybereasonmalicious.ea4174
CyrenW32/Zbot.YX.gen!Eldorado
SymantecInfostealer.Lokibot
ESET-NOD32Win32/PSW.Fareit.L
ZonerTrojan.Win32.68800
APEXMalicious
AvastWin32:Trojan-gen
ClamAVWin.Trojan.Gamarue-9850559-0
KasperskyBackdoor.Win32.Androm.qaxl
BitDefenderGen:Heur.PonyStealer.vm0@dqrOWQab
NANO-AntivirusTrojan.Win32.Androm.feivzp
ViRobotTrojan.Win32.Z.Androm.348160.Q
MicroWorld-eScanGen:Heur.PonyStealer.vm0@dqrOWQab
TencentMalware.Win32.Gencirc.114d2f4e
Ad-AwareGen:Heur.PonyStealer.vm0@dqrOWQab
ComodoTrojWare.Script.UMal.kybrk@0
BitDefenderThetaGen:NN.ZevbaF.34670.vm0@aqrOWQab
VIPRETrojan.Win32.Generic!BT
TrendMicroTrojanSpy.Win32.LOKI.SM.hp
McAfee-GW-EditionBehavesLike.Win32.Fareit.fh
FireEyeGeneric.mg.a75b76fea4174c83
EmsisoftGen:Heur.PonyStealer.vm0@dqrOWQab (B)
SentinelOneStatic AI – Malicious PE
JiangminBackdoor.Androm.zyu
AviraTR/PSW.Fareit.hzasw
eGambitUnsafe.AI_Score_99%
KingsoftWin32.Hack.Androm.qa.(kcloud)
MicrosoftTrojan:Win32/Ymacco.AA42
ArcabitTrojan.PonyStealer.E95AA5
AegisLabTrojan.Win32.Androm.m!c
GDataGen:Heur.PonyStealer.vm0@dqrOWQab
AhnLab-V3Win-Trojan/VBKrypt.RP03.X1850
McAfeeFareit-FMI!A75B76FEA417
MAXmalware (ai score=86)
VBA32Backdoor.Androm
MalwarebytesSpyware.PasswordStealer
PandaTrj/GdSda.A
TrendMicro-HouseCallTrojanSpy.Win32.LOKI.SM.hp
RisingTrojan.Win32.Agent_.lz (CLOUD)
YandexTrojan.GenAsa!ucvKtqRF6s0
IkarusTrojan.Win32.Inject
FortinetW32/Injector.EBMW!tr
AVGWin32:Trojan-gen
Paloaltogeneric.ml
Qihoo-360Win32/Backdoor.Androm.HwMAVzcA

How to remove Backdoor.Win32.Androm.qaxl?

Backdoor.Win32.Androm.qaxl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment