Win32/Spy.KeyLogger.PHT removal guide

The Win32/Spy.KeyLogger.PHT is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Spy.KeyLogger.PHT virus can do?

Uses Windows utilities for basic functionality
Authenticode signature is invalid

How to determine Win32/Spy.KeyLogger.PHT?


File Info:
name: 11E95F017FA8DEE67D0E.mlw
path: /opt/CAPEv2/storage/binaries/fc765f8ca88935694d4362282a109d65fc1cfc4d4a5b3d2714952bffc987ac12
crc32: 950462FD
md5: 11e95f017fa8dee67d0e330cf720a992
sha1: 86241dc72afdf5d7ed4bcbc8235eeccc6a71aa4a
sha256: fc765f8ca88935694d4362282a109d65fc1cfc4d4a5b3d2714952bffc987ac12
sha512: 9abca65040427128694eccb8f958b06b8b32c7e03675433c471ca8c54590f8143dd9f3e42fb97880a437cadbcadeb76b9627d732766cd8606ce6e03b5e54879d
ssdeep: 12288:dGvTu1fUe4bPM8lAIhyS9RfVPizeD0zKH1jN9tffGkHm6FTtQPa:QvTu1f0T+kRfVi7I1jN9tmkxtsa
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T143152829FB0665F4D617A3B2869EEB379B047A198022EF7FFF5BDA04A4330123C49155
sha3_384: e8010b5a9567850dada608602d1071ef19c9412ff82d72dcea948608ccfec3406bd3a56f5c965a79bf0066732793894d
ep_bytes: 83ec1cc7042401000000ff1520934e00
timestamp: 2021-08-12 17:38:21

Version Info:
0: [No Data]

Win32/Spy.KeyLogger.PHT also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.KeyLogger.4!c
DrWeb	Trojan.Encoder.25634
MicroWorld-eScan	Trojan.GenericKD.46789709
FireEye	Trojan.GenericKD.46789709
McAfee	GenericRXPJ-UP!11E95F017FA8
Malwarebytes	Generic.Malware/Suspicious
Zillya	Trojan.Keylogger.Win32.73319
Sangfor	Trojan.Win32.Tnega.ml
K7AntiVirus	Spyware ( 0051fabf1 )
Alibaba	TrojanSpy:Win32/KeyLogger.280f6819
K7GW	Spyware ( 0051fabf1 )
Cybereason	malicious.72afdf
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Spy.KeyLogger.PHT
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Trojan.GenericKD.46789709
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan.Spy.Zfow
Emsisoft	Trojan.GenericKD.46789709 (B)
F-Secure	Trojan.TR/Spy.KeyLogger.hdfef
VIPRE	Trojan.GenericKD.46789709
McAfee-GW-Edition	GenericRXPJ-UP!11E95F017FA8
Sophos	Mal/Generic-S
Ikarus	Trojan-Spy.Agent
Webroot	W32.Trojan.Gen
Avira	TR/Spy.KeyLogger.hdfef
Antiy-AVL	Trojan[Spy]/Win32.KeyLogger
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Generic.D2C9F44D
GData	Trojan.GenericKD.46789709
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C4593179
VBA32	Trojan.Encoder
ALYac	Trojan.GenericKD.46789709
MAX	malware (ai score=83)
Cylance	unsafe
Panda	Trj/Chgt.AD
Yandex	TrojanSpy.KeyLogger!WphIJBG0U+k
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/KeyLogger.PHT!tr
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Spy.KeyLogger.PHT?

Win32/Spy.KeyLogger.PHT removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X