The Win32/Spy.SpyEye.AN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. This malware is a typical example of spyware and may appear on your PC together with other viruses. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
Gridinsoft Anti-Malware
Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
What Win32/Spy.SpyEye.AN virus can do?
- Unconventionial language used in binary resources: Russian
- Authenticode signature is invalid
How to determine Win32/Spy.SpyEye.AN?
File Info:
name: E779A930DC009BF8825E.mlwpath: /opt/CAPEv2/storage/binaries/f90b203f6eb4ecf902b57577f0566e4f9f25e68c70513e4fefeeb960b925a19acrc32: AECFD7F5md5: e779a930dc009bf8825ec8cee69006ffsha1: 1bc093ec85f0eb2c580706d00d42668566a9ece6sha256: f90b203f6eb4ecf902b57577f0566e4f9f25e68c70513e4fefeeb960b925a19asha512: 584b3420a1e46fad81459e7cd21d39d9cc83fd30957f188bd7cbebc16fd843d6cce528df7d9e04d14e1a9b4986835211c8ba6a4760db3aecd1d3c9fc9ecf719essdeep: 6144:GCBWeHbyuCk2gOsWsb8TsyvNUZ74S+MrgdBmCl:TpbynfsyGZ74orgWtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T18F24BFA7226ED42AE2085278EC66CFFE41D3AFB49D2E808F33943D1E3379544D819576sha3_384: acb5d4d543d45daf7388c4e1a8a7fabfa1bcfa5e019bfb81edc1532692657cd72fe5b48805420f97d9fcdc73fbb09cf0ep_bytes: 558bec81c4c8feffff2bc8ffb500fefftimestamp: 2006-02-17 07:39:57Version Info:
CompanyName: МЦЭэЖЕУэЦрУШспКлтЕфЪНМЙэЛFileDescription: рмДЮТЮгиугЦыюкнмЪУлСмутчцяяFileVersion: 20.102.19.34InternalName: бмъеаМССОБдДюЧеННЙюмжхЮСВиLegalCopyright: 4662-1835OriginalFilename: qnj3.exeProductName: ГВВБъеЖБЪЖПщъГЫхАхштНЙProductVersion: 20.102.19.34Translation: 0x04b0 0x0417
Win32/Spy.SpyEye.AN also known as:
Elastic | malicious (high confidence) |
DrWeb | Trojan.Packed.20343 |
Cynet | Malicious (score: 100) |
FireEye | Generic.mg.e779a930dc009bf8 |
McAfee | Artemis!E779A930DC00 |
Zillya | Trojan.SpyEye.Win32.941 |
Sangfor | Trojan.Win32.Bredo.frsd |
CrowdStrike | win/malicious_confidence_100% (W) |
Alibaba | TrojanSpy:Win32/EyeStye.2eb9e7ef |
K7GW | Spyware ( 004e69b11 ) |
K7AntiVirus | Spyware ( 004e69b11 ) |
BitDefenderTheta | AI:Packer.45D5F1B41F |
VirIT | Trojan.Win32.Packed.BECL |
Cyren | W32/Qakbot.A.gen!Eldorado |
Symantec | W32.Qakbot |
ESET-NOD32 | Win32/Spy.SpyEye.AN |
TrendMicro-HouseCall | BKDR_QAKBOT.SMC |
Paloalto | generic.ml |
ClamAV | Win.Spyware.Zbot-1282 |
Kaspersky | Packed.Win32.Krap.hm |
BitDefender | Gen:Variant.Bredo.3 |
NANO-Antivirus | Trojan.Win32.Krap.dfaxfe |
MicroWorld-eScan | Gen:Variant.Bredo.3 |
Avast | Win32:MalOb-IJ [Cryp] |
Tencent | Win32.Trojan.Inject.Auto |
Ad-Aware | Gen:Variant.Bredo.3 |
Emsisoft | Gen:Variant.Bredo.3 (B) |
Comodo | MalCrypt.Indus!@1qrzi1 |
TrendMicro | BKDR_QAKBOT.SMC |
McAfee-GW-Edition | BehavesLike.Win32.Trojan.dh |
Sophos | Mal/Generic-R + Mal/Zbot-U |
Ikarus | Trojan-Spy.Win32.Zbot |
GData | Gen:Variant.Bredo.3 |
Jiangmin | TrojanSpy.SpyEyes.fl |
Webroot | W32.InfoStealer.SpyEye |
Avira | TR/Dropper.Gen |
Antiy-AVL | Trojan[Packed]/Win32.Krap |
ZoneAlarm | Packed.Win32.Krap.hm |
Microsoft | Trojan:Win32/EyeStye.H |
SentinelOne | Static AI – Malicious PE |
Acronis | suspicious |
ALYac | Gen:Variant.Bredo.3 |
Cylance | Unsafe |
APEX | Malicious |
Rising | Spyware.SpyEye!8.271 (CLOUD) |
Yandex | Trojan.Krap!KeVDjqR+8FU |
MAX | malware (ai score=100) |
Fortinet | W32/QAKBOT.SMG!tr |
AVG | Win32:MalOb-IJ [Cryp] |
Cybereason | malicious.0dc009 |
Panda | Trj/CI.A |
How to remove Win32/Spy.SpyEye.AN?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
Leave a Comment