How to remove “Win32/Spy.Agent.QHZ”?

Win32/Spy.Agent.QHZ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Spy.Agent.QHZ virus do?

  • Authenticode signature is invalid

How to identify Win32/Spy.Agent.QHZ?


File Info:

name: CB3405F7A7EB4893E6F3.mlw
path: /opt/CAPEv2/storage/binaries/2c5f328953c5c2b52527385998d90c177d18bdbc54a981a3d93afb28af112c11
crc32: D931A0A0
md5: cb3405f7a7eb4893e6f398cde6024fe6
sha1: 41eb66f9cc17d18334c196f7c409979c65223616
sha256: 2c5f328953c5c2b52527385998d90c177d18bdbc54a981a3d93afb28af112c11
sha512: ccac9bf44ce04a20fe0d91e6280a9cc1399bce79e20d5f7017ab71bf27e97bc0a00ed9597fe229f478b412e65985cd7b467ac0eb45bf4736085c6f28fc2b3c81
ssdeep: 6144:c4YqhSC0muVM/rrrI2Op4BjwMKnowAqd86fiAU0TbG3rwgTzuxLypWJ2AOXFnafq:c4YqhSC0muVMjrrI2Op4Bj1KnowAq+Rd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13C34AE5075D1C8B2E972157948F4EBB9CA3EBC264921CD6763D40BBACF306C1E1369B2
sha3_384: 49e280c3d3f2bb9a1179a4305f6af1a1fee341016f58c5c5d98081dd3134c278433603dac58e4685a6bbc877970f33c7
ep_bytes: e892060000e97afeffff558becf64508
timestamp: 2022-11-14 20:31:47

Version Info:

0: [No Data]

Win32/Spy.Agent.QHZ also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.pqW@YwBP1Xg
FireEye: Generic.mg.cb3405f7a7eb4893
ALYac: Gen:Trojan.Heur.pqW@YwBP1Xg
Cylance: Unsafe
VIPRE: Gen:Trojan.Heur.pqW@YwBP1Xg
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
BitDefenderTheta: AI:Packer.1263A8541B
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Spy.Agent.QHZ
APEX: Malicious
BitDefender: Gen:Trojan.Heur.pqW@YwBP1Xg
Ad-Aware: Gen:Trojan.Heur.pqW@YwBP1Xg
Emsisoft: Gen:Trojan.Heur.pqW@YwBP1Xg (B)
McAfee-GW-Edition: BehavesLike.Win32.CoinMiner.dh
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Heur.pqW@YwBP1Xg
Avira: TR/Downloader.Gen2
MAX: malware (ai score=88)
Arcabit: Trojan.Heur.E265D5
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
VBA32: suspected of Trojan.Downloader.gen
Rising: Trojan.Generic@AI.96 (RDML:psDRAJukTjISmu2Ted0S0A)
Cybereason: malicious.7a7eb4

How to remove Win32/Spy.Agent.QHZ?

Win32/Spy.Agent.QHZ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
