About “Trojan-Spy.Win32.KeyLogger.vho” infection

The Trojan-Spy.Win32.KeyLogger.vho is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.KeyLogger.vho virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Trojan-Spy.Win32.KeyLogger.vho?


File Info:
name: 5481F6DA56BB25981550.mlw
path: /opt/CAPEv2/storage/binaries/b719f30cc266c51b4a229b8274f0c0bcdcd3fa6c9e0d7cbcb97b35c765bbbaf9
crc32: E1D0FC7B
md5: 5481f6da56bb259815506e63c89e229a
sha1: d38604b9f5470993dc58600be3427fc4a147c526
sha256: b719f30cc266c51b4a229b8274f0c0bcdcd3fa6c9e0d7cbcb97b35c765bbbaf9
sha512: 742785c70fbabac7ab88ddda6ac41d0e0689d5229ad631b26c9b9eed18d46be51858cd9972d0ba832678567e1ac539f3389b7305d76b9d31ccc3934a610eceec
ssdeep: 1536:mVJnjSc3ctq1gxy6zIxws6e1Y2UNO9WuOuY63+nsP5oR:mXKtr86zIT6e1Y2l9LOuY6B5oR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11CE32862E9C54803E4AE0E7073C9197D6EF9DC45F752086297A2736F07F35B081ABCA9
sha3_384: d6153d886c88fc7c0938123f27817db8531dd3fe649da856de20aa2da184d134beee05b0db100014198473f1573dde02
ep_bytes: 558bec6aff6808b44000683090400064
timestamp: 1999-06-23 17:15:56

Version Info:
CompanyName: 
FileDescription: 
FileVersion: 
InternalName: 
OriginalFilename: 
ProductName: 
ProductVersion: 
Translation: 0x0409 0x04b0

Trojan-Spy.Win32.KeyLogger.vho also known as:

Lionic	Trojan.Win32.KeyLogger.l!c
McAfee	Artemis!5481F6DA56BB
Cylance	Unsafe
K7AntiVirus	Unwanted-Program ( 004bb7901 )
K7GW	Unwanted-Program ( 004bb7901 )
ESET-NOD32	a variant of Win32/GameHack.AD potentially unsafe
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.Win32.KeyLogger.vho
NANO-Antivirus	Riskware.Win32.Hatkeys.bddxcz
Avast	FileRepMalware
VIPRE	Trojan.HotKeyHook (fs)
GData	Win32.Application.Agent.YK03LH
Jiangmin	TrojanSpy.KeyLogger.mfx
Avira	TR/Spy.KeyLogger.zfjdd
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
VBA32	BScope.TrojanSpy.Keylogger
Fortinet	Riskware/GameHack
AVG	FileRepMalware

How to remove Trojan-Spy.Win32.KeyLogger.vho?

Trojan-Spy.Win32.KeyLogger.vho removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X