Malware

Win32/KeyLogger.eMatrixSoft.P removal guide

Malware Removal

The Win32/KeyLogger.eMatrixSoft.P is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Win32/KeyLogger.eMatrixSoft.P virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32/KeyLogger.eMatrixSoft.P?


File Info:

name: DA59B4025465D076F4BB.mlw
path: /opt/CAPEv2/storage/binaries/d2f7da1f4f8f837f43ceca3537dc9b8e8fd4ee336c518597b5a5d3ae93f4ac7d
crc32: 6F6CD811
md5: da59b4025465d076f4bb5c955908bf25
sha1: bc3dffd4347e25d3a084a75a287f5280c6da84f4
sha256: d2f7da1f4f8f837f43ceca3537dc9b8e8fd4ee336c518597b5a5d3ae93f4ac7d
sha512: 2bcee2d6be5938bde7e2f979fb9be127172ed0494c1d4925c8e95f18102ca8f58ee3c8e089a47b893839696b1acda337abe6eefd414150b0e4f4da48833d2283
ssdeep: 1536:NDIHmuHPdPqlwFWbkmTBgdXNenLJWP5FJLY5OuTcjCNON9PAEG:NDJkPFZgtiNoIXCcj0w/G
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17573AD26F70E4162E45C86705A3307A72D29DC7961038E4FEF4EBE5D68B06D7A8E434B
sha3_384: 7a9240a79b5cefcd8c10aead0187a184fae71ff9668978aec2c1afa8f07e0928fa0ee841f840545ee4c3da47f87485ce
ep_bytes: 68c8b84000e8f0ffffff000000000000
timestamp: 2022-08-04 08:38:37

Version Info:

Translation: 0x0409 0x04b0
ProductName: 0
FileVersion: 1.00
ProductVersion: 1.00
InternalName: load
OriginalFilename: load.exe

Win32/KeyLogger.eMatrixSoft.P also known as:

BkavW32.AIDetect.malware2
LionicTrojan.Win32.Generic.4!c
MicroWorld-eScanTrojan.GenericKD.61287763
FireEyeGeneric.mg.da59b4025465d076
McAfeeArtemis!DA59B4025465
CylanceUnsafe
VIPRETrojan.GenericKD.61287763
SangforTrojan.Win32.Agent.V4vr
K7AntiVirusPassword-Stealer ( 0055e7411 )
K7GWPassword-Stealer ( 0055e7411 )
CrowdStrikewin/malicious_confidence_90% (W)
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/KeyLogger.eMatrixSoft.P
APEXMalicious
Paloaltogeneric.ml
BitDefenderTrojan.GenericKD.61287763
AvastWin32:MiscX-gen [PUP]
RisingSpyware.Keylogger!8.12F (TFE:5:ZsvQsO8qRNJ)
Ad-AwareTrojan.GenericKD.61287763
Trapminemalicious.high.ml.score
EmsisoftTrojan.GenericKD.61287763 (B)
SentinelOneStatic AI – Malicious PE
GDataTrojan.GenericKD.61287763
ArcabitTrojan.Generic.D3A72D53
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
BitDefenderThetaGen:NN.ZevbaF.34606.em0@ae3GBeai
ALYacTrojan.GenericKD.61287763
MAXmalware (ai score=83)
TrendMicro-HouseCallTROJ_GEN.R002H09HG22
AVGWin32:MiscX-gen [PUP]
Cybereasonmalicious.4347e2

How to remove Win32/KeyLogger.eMatrixSoft.P?

Win32/KeyLogger.eMatrixSoft.P removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment