PUA:Win32/LTLogger removal guide

PUA:Win32/LTLogger is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA:Win32/LTLogger virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify PUA:Win32/LTLogger?

File Info:

crc32: 6B7C6A7C
md5: e9936ee653c05afd534b71f2c9449baf
name: 9377____________.exe
sha1: e7bbd1ac5fd1d3a97209683e5d92f7a92b79904f
sha256: 76d7f0582ab42ce3075da577ff30acd1691684bd38aa60536fda39106a34a598
sha512: 24d4553b019fb50f2894376695781bdab04a7c7fa2db35226fc23fbc19120b872cc92866b6766ad48e26a3e3e454ef3a86f7eaa8e8cf6befa8002f3e0bb421a8
ssdeep: 12288:jLjgl11uXC1hBTtdKVvXJF5A6cM03LrGCe0QjvjbjlyZ33q61rdr8+T:jLy11+C1hvdKVIMHCHWr0B71Rg+T
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: Copyright (C) 2011-2013 All Contributors
FileVersion: 1.0.1.4
CompanyName: 9377, Inc.
LegalTrademarks: 9377, Inc.
ProductName: 9377魅影传说 Lander
ProductVersion: 1.0.1.4
FileDescription: 9377魅影传说微端
Translation: 0x0000 0x03a8

PUA:Win32/LTLogger also known as:

MicroWorld-eScan: Dropped:Application.Keylogger.QLV
FireEye: Dropped:Application.Keylogger.QLV
McAfee: Artemis!E9936EE653C0
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Riskware ( 004c69e01 )
BitDefender: Dropped:Application.Keylogger.QLV
K7GW: Riskware ( 004c69e01 )
Symantec: PUA.Gen.2
APEX: Malicious
Avast: Win32:Malware-gen
GData: Dropped:Application.Keylogger.QLV
Kaspersky: not-a-virus:RiskTool.Win32.Logger.d
Alibaba: RiskWare:Win32/Logger.80b1551c
NANO-Antivirus: Riskware.Win32.Logger.eybpla
AegisLab: Riskware.Win32.Logger.1!c
Emsisoft: Dropped:Application.Keylogger.QLV (B)
Comodo: Malware@#13en4le4g3bwq
DrWeb: Trojan.BrowseBan.1615
Zillya: Adware.LTLoggerCRTD.Win32.4258
McAfee-GW-Edition: Artemis
MaxSecure: Trojan.Malware.8749753.susgen
Sophos: Generic PUA HN (PUA)
MAX: malware (ai score=76)
Microsoft: PUA:Win32/LTLogger
Arcabit: Application.Keylogger.QLV
ZoneAlarm: not-a-virus:RiskTool.Win32.Logger.d
Ad-Aware: Dropped:Application.Keylogger.QLV
ESET-NOD32: a variant of Win32/RiskWare.LTLogger.A
Yandex: RiskWare.LTLogger!
eGambit: Generic.Malware
AVG: Win32:Malware-gen
Cybereason: malicious.653c05
Paloalto: generic.ml

How to remove PUA:Win32/LTLogger?

PUA:Win32/LTLogger removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
