Win32/KeyLogger.eMatrixSoft.P removal guide

The Win32/KeyLogger.eMatrixSoft.P is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/KeyLogger.eMatrixSoft.P virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/KeyLogger.eMatrixSoft.P?


File Info:
name: DA59B4025465D076F4BB.mlw
path: /opt/CAPEv2/storage/binaries/d2f7da1f4f8f837f43ceca3537dc9b8e8fd4ee336c518597b5a5d3ae93f4ac7d
crc32: 6F6CD811
md5: da59b4025465d076f4bb5c955908bf25
sha1: bc3dffd4347e25d3a084a75a287f5280c6da84f4
sha256: d2f7da1f4f8f837f43ceca3537dc9b8e8fd4ee336c518597b5a5d3ae93f4ac7d
sha512: 2bcee2d6be5938bde7e2f979fb9be127172ed0494c1d4925c8e95f18102ca8f58ee3c8e089a47b893839696b1acda337abe6eefd414150b0e4f4da48833d2283
ssdeep: 1536:NDIHmuHPdPqlwFWbkmTBgdXNenLJWP5FJLY5OuTcjCNON9PAEG:NDJkPFZgtiNoIXCcj0w/G
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17573AD26F70E4162E45C86705A3307A72D29DC7961038E4FEF4EBE5D68B06D7A8E434B
sha3_384: 7a9240a79b5cefcd8c10aead0187a184fae71ff9668978aec2c1afa8f07e0928fa0ee841f840545ee4c3da47f87485ce
ep_bytes: 68c8b84000e8f0ffffff000000000000
timestamp: 2022-08-04 08:38:37

Version Info:
Translation: 0x0409 0x04b0
ProductName: 0
FileVersion: 1.00
ProductVersion: 1.00
InternalName: load
OriginalFilename: load.exe

Win32/KeyLogger.eMatrixSoft.P also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.61287763
FireEye	Generic.mg.da59b4025465d076
McAfee	Artemis!DA59B4025465
Cylance	Unsafe
VIPRE	Trojan.GenericKD.61287763
Sangfor	Trojan.Win32.Agent.V4vr
K7AntiVirus	Password-Stealer ( 0055e7411 )
K7GW	Password-Stealer ( 0055e7411 )
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/KeyLogger.eMatrixSoft.P
APEX	Malicious
Paloalto	generic.ml
BitDefender	Trojan.GenericKD.61287763
Avast	Win32:MiscX-gen [PUP]
Rising	Spyware.Keylogger!8.12F (TFE:5:ZsvQsO8qRNJ)
Ad-Aware	Trojan.GenericKD.61287763
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.GenericKD.61287763 (B)
SentinelOne	Static AI – Malicious PE
GData	Trojan.GenericKD.61287763
Arcabit	Trojan.Generic.D3A72D53
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
BitDefenderTheta	Gen:NN.ZevbaF.34606.em0@ae3GBeai
ALYac	Trojan.GenericKD.61287763
MAX	malware (ai score=83)
TrendMicro-HouseCall	TROJ_GEN.R002H09HG22
AVG	Win32:MiscX-gen [PUP]
Cybereason	malicious.4347e2

How to remove Win32/KeyLogger.eMatrixSoft.P?

Win32/KeyLogger.eMatrixSoft.P removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X