TrojanSpy:MSIL/Keylogger.BW removal tips

The TrojanSpy:MSIL/Keylogger.BW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanSpy:MSIL/Keylogger.BW virus can do?

Network activity detected but not expressed in API logs

How to determine TrojanSpy:MSIL/Keylogger.BW?


File Info:
crc32: D622B484
md5: cdd521dc8307aaa2036dfe46cd13eefa
name: CDD521DC8307AAA2036DFE46CD13EEFA.mlw
sha1: 150e2aa9b53b1833c93aa2567afd527877758d0c
sha256: 1132d9ccc698bd1fb423d57d3d4969779c9ee9dfde0258d1834a8ad21f6f63f6
sha512: 6a5aaf759a857265408514478b2faa68d65a557449f7341edc463a5cfd9f0835e46cdeb5bb4e2fdfa3f2a79ef78337790cf2d02b0cb2d445501edbbfec20f62c
ssdeep: 3072:hsdDxbCSsGIiDVbDJ7tNnCDDRvLGmrOAOkGt6+duWA/t/SHUebbxCbGgKk12qk/:UxbCoR5b9stvLGtELbMUTKZ
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
Assembly Version: 1.0.0.0
InternalName: jigga.exe
FileVersion: 1.0.0.0
CompanyName: Microsoft @ 2015
LegalTrademarks: Windows
Comments: Control ACLs Program
ProductName: Microsoftxae Windowsxae Operating System
ProductVersion: 1.0.0.0
FileDescription: Control ACLs Program
OriginalFilename: jigga.exe

TrojanSpy:MSIL/Keylogger.BW also known as:

Lionic	Trojan.Win32.Generic.mCAZ
Elastic	malicious (high confidence)
DrWeb	Trojan.KeyloggerNET.12
ClamAV	Win.Packed.Razy-9812591-0
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
ALYac	Gen:Variant.Razy.571275
Malwarebytes	Trojan.Downloader
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	TrojanSpy:MSIL/Keylogger.cfca10eb
Cybereason	malicious.c8307a
Cyren	W32/MSIL_Kryptik.DRG.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Spy.Agent.AES
APEX	Malicious
Avast	MSIL:GenMalicious-RM [Trj]
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Razy.571275
MicroWorld-eScan	Gen:Variant.Razy.571275
Ad-Aware	Gen:Variant.Razy.571275
Sophos	Mal/Generic-R + Troj/Kryptik-VO
BitDefenderTheta	Gen:NN.ZemsilF.34050.pm0@aaNGA!b
TrendMicro	TSPY_KEYLOGGR.SM1
McAfee-GW-Edition	GenericRXDX-LW!CDD521DC8307
FireEye	Generic.mg.cdd521dc8307aaa2
Emsisoft	Gen:Variant.Razy.571275 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/ATRAPS.Gen
eGambit	Trojan.Generic
Microsoft	TrojanSpy:MSIL/Keylogger.BW
GData	Gen:Variant.Razy.571275
AhnLab-V3	Trojan/Win32.RL_Generic.C3443638
McAfee	GenericRXDX-LW!CDD521DC8307
MAX	malware (ai score=81)
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TSPY_KEYLOGGR.SM1
Rising	Spyware.Ranger!1.BE9B (CLASSIC)
Ikarus	Trojan.MSIL.Spy
Fortinet	MSIL/Generic.AP.AE308F0!tr
AVG	MSIL:GenMalicious-RM [Trj]
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Generic.HgIASZAA

How to remove TrojanSpy:MSIL/Keylogger.BW?

TrojanSpy:MSIL/Keylogger.BW removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X