Win32/Spy.KeyLogger.QXR removal tips

The Win32/Spy.KeyLogger.QXR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Spy.KeyLogger.QXR virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Win32/Spy.KeyLogger.QXR?


File Info:
name: 2D5C9F59E36552EFF132.mlw
path: /opt/CAPEv2/storage/binaries/226bcbf94a8b5d7a3f73343c7a0ac9b6123cee9af1329bd34dcc54d74c22e368
crc32: 920A056B
md5: 2d5c9f59e36552eff132c34e2772c1d1
sha1: 7fa58fa923ed88a8311070ce5183b8868f064c39
sha256: 226bcbf94a8b5d7a3f73343c7a0ac9b6123cee9af1329bd34dcc54d74c22e368
sha512: e2b1debb12371d1f5f04e1a8e100f7b022f784b4c1192a1a08cd90fd2d589d27c9d54585c10317e74f2641a45a65567b4158c7f88c04c51bea0bc2df6f2256e5
ssdeep: 768:CWyB1VZnKoQy77RcxsgkWFBk9Dqc+D9XWTOKcx02QcpF:CWwVMoQyHK6Dqc+5GTOKcCcL
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1AE4308967DA58CE6F581633E90EFC37A537CF19186270BA37720B6341B637D229D8242
sha3_384: d2ac014fdd2e8ad1ac5c61ae13acbec550401b807062ccbc6d9516b402589bf0d1d26dd1b44b1112876969069c106d5c
ep_bytes: 83ec1cc7042401000000ff1550924000
timestamp: 2021-12-03 22:15:21

Version Info:
0: [No Data]

Win32/Spy.KeyLogger.QXR also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.38181862
FireEye	Generic.mg.2d5c9f59e36552ef
ALYac	Trojan.GenericKD.38181862
Cylance	Unsafe
K7AntiVirus	Spyware ( 00562eb01 )
Alibaba	TrojanSpy:Win32/KeyLogger.0ed1a299
K7GW	Spyware ( 00562eb01 )
Cybereason	malicious.9e3655
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Spy.KeyLogger.QXR
APEX	Malicious
Kaspersky	HEUR:Trojan-Spy.Win32.KeyLogger.gen
BitDefender	Trojan.GenericKD.38181862
Avast	Win32:Trojan-gen
Ad-Aware	Trojan.GenericKD.38181862
Emsisoft	Trojan.GenericKD.38181862 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Generic.qm
Sophos	Mal/Generic-S
Ikarus	Trojan-Spy.Agent
GData	Trojan.GenericKD.38181862
Avira	TR/Spy.KeyLogger.vtqjk
MAX	malware (ai score=87)
Antiy-AVL	Trojan/Generic.ASMalwS.347D24F
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4634671
McAfee	RDN/Generic PWS.y
TrendMicro-HouseCall	TROJ_GEN.R002H0CL321
Yandex	TrojanSpy.KeyLogger!vMdbe6UP3IE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/KeyLogger.PGU!tr
BitDefenderTheta	Gen:NN.ZexaF.34062.d4Y@aGjWrdd
AVG	Win32:Trojan-gen
Panda	Trj/GdSda.A

How to remove Win32/Spy.KeyLogger.QXR?

Win32/Spy.KeyLogger.QXR removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X