The Win32/Spy.SpyEye.AN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. This malware is a typical example of spyware and may appear on your PC together with other viruses. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
Gridinsoft Anti-Malware
Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
What Win32/Spy.SpyEye.AN virus can do?
- Unconventionial language used in binary resources: Russian
- Authenticode signature is invalid
How to determine Win32/Spy.SpyEye.AN?
File Info:
name: E779A930DC009BF8825E.mlwpath: /opt/CAPEv2/storage/binaries/f90b203f6eb4ecf902b57577f0566e4f9f25e68c70513e4fefeeb960b925a19acrc32: AECFD7F5md5: e779a930dc009bf8825ec8cee69006ffsha1: 1bc093ec85f0eb2c580706d00d42668566a9ece6sha256: f90b203f6eb4ecf902b57577f0566e4f9f25e68c70513e4fefeeb960b925a19asha512: 584b3420a1e46fad81459e7cd21d39d9cc83fd30957f188bd7cbebc16fd843d6cce528df7d9e04d14e1a9b4986835211c8ba6a4760db3aecd1d3c9fc9ecf719essdeep: 6144:GCBWeHbyuCk2gOsWsb8TsyvNUZ74S+MrgdBmCl:TpbynfsyGZ74orgWtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T18F24BFA7226ED42AE2085278EC66CFFE41D3AFB49D2E808F33943D1E3379544D819576sha3_384: acb5d4d543d45daf7388c4e1a8a7fabfa1bcfa5e019bfb81edc1532692657cd72fe5b48805420f97d9fcdc73fbb09cf0ep_bytes: 558bec81c4c8feffff2bc8ffb500fefftimestamp: 2006-02-17 07:39:57Version Info:
CompanyName: МЦЭэЖЕУэЦрУШспКлтЕфЪНМЙэЛFileDescription: рмДЮТЮгиугЦыюкнмЪУлСмутчцяяFileVersion: 20.102.19.34InternalName: бмъеаМССОБдДюЧеННЙюмжхЮСВиLegalCopyright: 4662-1835OriginalFilename: qnj3.exeProductName: ГВВБъеЖБЪЖПщъГЫхАхштНЙProductVersion: 20.102.19.34Translation: 0x04b0 0x0417
Win32/Spy.SpyEye.AN also known as:
| Elastic | malicious (high confidence) |
| DrWeb | Trojan.Packed.20343 |
| Cynet | Malicious (score: 100) |
| FireEye | Generic.mg.e779a930dc009bf8 |
| McAfee | Artemis!E779A930DC00 |
| Zillya | Trojan.SpyEye.Win32.941 |
| Sangfor | Trojan.Win32.Bredo.frsd |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Alibaba | TrojanSpy:Win32/EyeStye.2eb9e7ef |
| K7GW | Spyware ( 004e69b11 ) |
| K7AntiVirus | Spyware ( 004e69b11 ) |
| BitDefenderTheta | AI:Packer.45D5F1B41F |
| VirIT | Trojan.Win32.Packed.BECL |
| Cyren | W32/Qakbot.A.gen!Eldorado |
| Symantec | W32.Qakbot |
| ESET-NOD32 | Win32/Spy.SpyEye.AN |
| TrendMicro-HouseCall | BKDR_QAKBOT.SMC |
| Paloalto | generic.ml |
| ClamAV | Win.Spyware.Zbot-1282 |
| Kaspersky | Packed.Win32.Krap.hm |
| BitDefender | Gen:Variant.Bredo.3 |
| NANO-Antivirus | Trojan.Win32.Krap.dfaxfe |
| MicroWorld-eScan | Gen:Variant.Bredo.3 |
| Avast | Win32:MalOb-IJ [Cryp] |
| Tencent | Win32.Trojan.Inject.Auto |
| Ad-Aware | Gen:Variant.Bredo.3 |
| Emsisoft | Gen:Variant.Bredo.3 (B) |
| Comodo | MalCrypt.Indus!@1qrzi1 |
| TrendMicro | BKDR_QAKBOT.SMC |
| McAfee-GW-Edition | BehavesLike.Win32.Trojan.dh |
| Sophos | Mal/Generic-R + Mal/Zbot-U |
| Ikarus | Trojan-Spy.Win32.Zbot |
| GData | Gen:Variant.Bredo.3 |
| Jiangmin | TrojanSpy.SpyEyes.fl |
| Webroot | W32.InfoStealer.SpyEye |
| Avira | TR/Dropper.Gen |
| Antiy-AVL | Trojan[Packed]/Win32.Krap |
| ZoneAlarm | Packed.Win32.Krap.hm |
| Microsoft | Trojan:Win32/EyeStye.H |
| SentinelOne | Static AI – Malicious PE |
| Acronis | suspicious |
| ALYac | Gen:Variant.Bredo.3 |
| Cylance | Unsafe |
| APEX | Malicious |
| Rising | Spyware.SpyEye!8.271 (CLOUD) |
| Yandex | Trojan.Krap!KeVDjqR+8FU |
| MAX | malware (ai score=100) |
| Fortinet | W32/QAKBOT.SMG!tr |
| AVG | Win32:MalOb-IJ [Cryp] |
| Cybereason | malicious.0dc009 |
| Panda | Trj/CI.A |
How to remove Win32/Spy.SpyEye.AN?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
Leave a Comment