
Spyware.PasswordStealer.XMP.Generic malicious file

Spyware.PasswordStealer.XMP.Generic is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Spyware.PasswordStealer.XMP.Generic virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window

How to identify Spyware.PasswordStealer.XMP.Generic?


File Info:

crc32: CDCE1DFC
md5: 51a3af0843364aeda930476ebaf3102f
name: lky.exe
sha1: 439dcaf280b2384060ed9237dce68fabdce39031
sha256: 4acc26b5f79c556cbb1a396ea8666739e8992399739e6179e216cf52b81a5821
sha512: f3f5ba5dbda7aa68092d7986b31b1faeba89ddf938e2482ac056902c97d2e9cd62ea527e447ab97a19eecbdcfb6a5b6aaed4a3aa6eb8350d5c8b188d0da22848
ssdeep: 3072:bdBqF5acKBBYQ02ulECxAkYTRmXVQp0HhdJkhtvIHEv84qDbKW/UN0XWp1KbIe81:btbOljxHQqhdJkhYYqqWm0XKP1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) coggers 2019
InternalName: sulphostannate.exe
FileVersion: 8.4.1.3
CompanyName: Teena
ProductName: fatten
ProductVersion: 8.1.7.3
FileDescription: paraconic
OriginalFilename: ilama.exe
Translation: 0x0409 0x04b0

Spyware.PasswordStealer.XMP.Generic also known as:

MicroWorld-eScan Trojan.GenericKD.32648454
FireEye Generic.mg.51a3af0843364aed
CAT-QuickHeal Backdoor.Androm
McAfee RDN/Generic BackDoor
Malwarebytes Spyware.PasswordStealer.XMP.Generic
VIPRE Trojan.Win32.Generic!BT
AegisLab Trojan.Win32.Androm.m!c
K7AntiVirus Trojan ( 0055a6c31 )
BitDefender Trojan.GenericKD.32648454
K7GW Trojan ( 0055a6c31 )
Cybereason malicious.280b23
BitDefenderTheta Gen:NN.ZexaF.32245.ny3@aKbRpSli
Cyren W32/Trojan.AEYL-6519
Symantec Trojan.Gen.MBT
TrendMicro-HouseCall TROJ_GEN.R015C0WJR19
Paloalto generic.ml
Kaspersky Backdoor.Win32.Androm.tkqj
Alibaba Backdoor:Win32/Androm.eb287adc
NANO-Antivirus Trojan.Win32.Azorult.getfyz
ViRobot Trojan.Win32.Z.Agent.226390
Rising Trojan.Kryptik!1.BE72 (CLASSIC)
Ad-Aware Trojan.GenericKD.32648454
Sophos Mal/Generic-S
Comodo Malware@#t55d2yozc5nq
F-Secure Heuristic.HEUR/AGEN.1039972
DrWeb Trojan.PWS.Stealer.25838
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.Expiro.dc
SentinelOne DFI – Malicious PE
Trapmine suspicious.low.ml.score
Emsisoft Trojan.GenericKD.32648454 (B)
APEX Malicious
GData Trojan.GenericKD.32648454
Jiangmin Trojan.PSW.Azorult.epd
Webroot W32.Trojan.Gen
Avira HEUR/AGEN.1039972
Antiy-AVL Trojan[Backdoor]/Win32.Androm
Microsoft Trojan:Win32/Azorult.PC!MTB
Endgame malicious (high confidence)
Arcabit Trojan.Generic.D1F22D06
ZoneAlarm Backdoor.Win32.Androm.tkqj
AhnLab-V3 Malware/Win32.Generic.C3534682
Acronis suspicious
VBA32 Backdoor.Androm
ALYac Spyware.LokiBot
MAX malware (ai score=83)
Cylance Unsafe
ESET-NOD32 a variant of Win32/GenKryptik.DWIQ
Yandex Backdoor.Androm!YbuuBkppCIY
Ikarus Trojan.Win32.Krypt
Fortinet W32/Kryptik.GWYH!tr
AVG Win32:Trojan-gen
Panda Trj/CI.A
CrowdStrike win/malicious_confidence_80% (W)
Qihoo-360 Win32/Backdoor.0f6

How to remove Spyware.PasswordStealer.XMP.Generic?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
