
What is “Win32/Spy.Qeds.G”?


The Win32/Spy.Qeds.G detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Spy.Qeds.G virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Authenticode signature is invalid

How to identify Win32/Spy.Qeds.G?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2001-10-25 19:47:11

Version Info:

CompanyName: 深圳市腾讯计算机系统有限公司
FileDescription: QQ游戏大厅
FileVersion: 0.10.108.45
LegalCopyright: 版权所有 (C) 2003

Win32/Spy.Qeds.G also known as:

MicroWorld-eScan: Trojan.GenericKD.69158700
FireEye: Trojan.GenericKD.69158700
CAT-QuickHeal: Trojan.IGENERIC
McAfee: Artemis!66944E2BAD51
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Qeds.V11i
K7AntiVirus: Spyware ( 0004d3e11 )
Alibaba: TrojanSpy:Win32/Generic.67b983df
K7GW: Spyware ( 0004d3e11 )
Cyren: W32/Trojan.XARG-5373
ESET-NOD32: Win32/Spy.Qeds.G
BitDefender: Trojan.GenericKD.69158700
NANO-Antivirus: Trojan.Win32.Qeds.bnakc
Avast: Win32:Qeds-H [Trj]
Emsisoft: Trojan.GenericKD.69158700 (B)
VIPRE: Trojan.GenericKD.69158700
McAfee-GW-Edition: BehavesLike.Win32.Trojan.wc
GData: Trojan.GenericKD.69158700
MAX: malware (ai score=85)
Xcitium: Malware@#3dqdslngf63o7
Arcabit: Trojan.Generic.D41F472C
Google: Detected
ALYac: Trojan.GenericKD.69158700
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09IC23
Ikarus: Trojan-Spy.Win32.Qeds
AVG: Win32:Qeds-H [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_60% (W)

How to remove Win32/Spy.Qeds.G?

Win32/Spy.Qeds.G removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
