Should I remove “Win32/Spy.KeyLogger.QWV”?

The Win32/Spy.KeyLogger.QWV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Spy.KeyLogger.QWV virus can do?

Behavioural detection: Executable code extraction – unpacking
Authenticode signature is invalid

How to determine Win32/Spy.KeyLogger.QWV?


File Info:
name: E6344546FC64041230F7.mlw
path: /opt/CAPEv2/storage/binaries/6f7c63ba5bb0264988ae424c13b8e4e46d31a05ffbd1a689a9ae7baeff92ddc0
crc32: 560DEBAE
md5: e6344546fc64041230f7f43e3bb4a6a8
sha1: 3d4cf48043070b5c7c54802ff5d3097a6a23ae23
sha256: 6f7c63ba5bb0264988ae424c13b8e4e46d31a05ffbd1a689a9ae7baeff92ddc0
sha512: d6e7421011b4eadedc454f0ce6bc1dff07a7770ad1848e690788cb9f2962413c964c3b7d3c6dfef47e91d1d5efe03ae1aac82ebe613d7ea1447ea4cacc712077
ssdeep: 6144:uz703IHpTFkZYBuYpq8t6QQ7REJ/xKwv+knGL4lb63VFA/+ppT2S3:M0epRkdpv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E6F40C516C2081C1F4CB22749816A5B8491DACD7FFE1B71AE7D47E0B76B2AF90422E37
sha3_384: 015df7b8b8f62016737dbb49c431e0eb37ee9458f6d4135a092e6e206170de5ff4c9ccf3068aabb3b140b4347ae572b7
ep_bytes: 68dc224600e8eeffffff000000000000
timestamp: 2019-11-24 11:37:41

Version Info:
Translation: 0x0409 0x04b0
CompanyName: Cyber Indonesia
ProductName: Project1k
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Project KLOG
OriginalFilename: Project KLOG.exe

Win32/Spy.KeyLogger.QWV also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Graftor.2894
FireEye	Gen:Variant.Graftor.2894
Skyhigh	BehavesLike.Win32.Infected.bz
ALYac	Gen:Variant.Graftor.2894
Malwarebytes	Generic.Malware/Suspicious
Sangfor	Trojan.Win32.KeyLogger.sgcns
K7AntiVirus	Spyware ( 005146d81 )
Alibaba	TrojanSpy:Win32/Xegumumune.d694ccc4
K7GW	Spyware ( 005146d81 )
Arcabit	Trojan.Graftor.DB4E
BitDefenderTheta	Gen:NN.ZevbaCO.36792.Wm0@aKDN93ii
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Spy.KeyLogger.QWV
APEX	Malicious
Kaspersky	Trojan-Spy.Win32.Xegumumune.csy
BitDefender	Gen:Variant.Graftor.2894
NANO-Antivirus	Trojan.Win32.Xegumumune.hjepvu
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan-Spy.Xegumumune.Gkjl
Emsisoft	Gen:Variant.Graftor.2894 (B)
VIPRE	Gen:Variant.Graftor.2894
Sophos	Mal/Generic-S
Google	Detected
MAX	malware (ai score=85)
Antiy-AVL	Trojan[Spy]/Win32.Xegumumune
Kingsoft	malware.kb.a.970
Xcitium	Malware@#1e0nwu1pkgwo0
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	Trojan-Spy.Win32.Xegumumune.csy
GData	Gen:Variant.Graftor.2894
AhnLab-V3	Trojan/Win32.Graftor.C3723726
McAfee	Artemis!E6344546FC64
Cylance	unsafe
Panda	Trj/GdSda.A
Rising	Spyware.KeyLogger!8.12F (CLOUD)
Ikarus	Trojan.Win32.VB
Fortinet	W32/KeyLogger.OHL!tr.spy
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Spy.KeyLogger.QWV?

Win32/Spy.KeyLogger.QWV removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X