Win32/Spy.KeyLogger.PNW removal tips

The Win32/Spy.KeyLogger.PNW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Spy.KeyLogger.PNW virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Win32/Spy.KeyLogger.PNW?


File Info:
name: 1A28DBE78BC624F66382.mlw
path: /opt/CAPEv2/storage/binaries/a5a5c02d3494f18fc1b4cc71fb94843dd54985cc1901aad91dd89911da084bbb
crc32: 9FEAC6EA
md5: 1a28dbe78bc624f6638271a400569e0c
sha1: b922147e37a49f9ac49f9c40ecdc7342b6ccda07
sha256: a5a5c02d3494f18fc1b4cc71fb94843dd54985cc1901aad91dd89911da084bbb
sha512: 2a02c600d8362ef09c8fd3245012fad9afe7269d9792d407b2aa05f9edffaf44edaf5871f450f1226f767b30f21f32ef566f58c8dc850a93a52f7914495f72c2
ssdeep: 6144:6/sE4njvGgpKGA+h9ipDEVAXi/T7tRE2foidopUC9yGo1WPOGKamngMg5kZ4qY0W:6/sNVTHiFigny4
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T100543BA767DB9CF0ECD63F7E60DF63158B2AFC20FFA96662A614D9240043654583B381
sha3_384: 490994bb9ae717db276c4569d123d4fcfed634bccff309fb8d0dbcea2f4b82343797def99e6b9d68536946af578a4b11
ep_bytes: 83ec0cc705b883400000000000e83e07
timestamp: 2021-11-26 08:25:37

Version Info:
0: [No Data]

Win32/Spy.KeyLogger.PNW also known as:

Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.38124965
FireEye	Trojan.GenericKD.38124965
McAfee	Artemis!1A28DBE78BC6
Cylance	Unsafe
K7AntiVirus	Spyware ( 0050ea8e1 )
Alibaba	TrojanSpy:Win32/KeyLogger.bb10c5c4
K7GW	Spyware ( 0050ea8e1 )
ESET-NOD32	a variant of Win32/Spy.KeyLogger.PNW
TrendMicro-HouseCall	TROJ_GEN.R002H0CKT21
BitDefender	Trojan.GenericKD.38124965
Avast	Win32:Trojan-gen
Ad-Aware	Trojan.GenericKD.38124965
Emsisoft	Trojan.GenericKD.38124965 (B)
McAfee-GW-Edition	Artemis!Trojan
GData	Trojan.GenericKD.38124965
MAX	malware (ai score=85)
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3	Trojan/Win.PWS.C4792366
VBA32	BScope.TrojanSpy.GrammarSpy
ALYac	Trojan.GenericKD.38124965
Yandex	TrojanSpy.KeyLogger!OQgTMHBMOvI
Ikarus	Trojan-Spy.Agent
Fortinet	W32/KeyLogger.PNW!tr.spy
AVG	Win32:Trojan-gen

How to remove Win32/Spy.KeyLogger.PNW?

Win32/Spy.KeyLogger.PNW removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X