
Should I remove “Downloader.Win32.Yantai.hpq”?

Downloader.Win32.Yantai.hpq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.Win32.Yantai.hpq virus do?

  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Downloader.Win32.Yantai.hpq?

File Info:

name: __________________mod____________mod51_1166870.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
InternalName: zn.exe
FileVersion: 2.0.0.1
OriginalFilename: zn.exe
ProductVersion: 1.0.0.1
Translation: 0x0804 0x04b0

Downloader.Win32.Yantai.hpq also known as:

Bkav: W32.AIDetectVM.malware2
MicroWorld-eScan: Trojan.GenericKD.42984328
McAfee: Artemis!D366A8E94733
K7AntiVirus: Trojan-Downloader ( 0054ead51 )
BitDefender: Trojan.GenericKD.42984328
K7GW: Trojan-Downloader ( 0054ead51 )
CrowdStrike: win/malicious_confidence_60% (W)
Kaspersky: not-a-virus:Downloader.Win32.Yantai.hpq
Alibaba: Downloader:Win32/Yantai.4f4f807a
APEX: Malicious
Rising: Trojan.Crypto!8.364 (TFE:dGZlOgXeq1ddwZKWNQ)
Ad-Aware: Trojan.GenericKD.42984328
Emsisoft: Trojan.GenericKD.42984328 (B)
McAfee-GW-Edition: Artemis!Trojan
Sophos: Generic PUA CE (PUA)
SentinelOne: DFI – Malicious PE
Webroot: W32.Trojan.Gen
MAX: malware (ai score=87)
Arcabit: Trojan.Generic.D28FE388
ZoneAlarm: not-a-virus:Downloader.Win32.Yantai.hpq
Microsoft: Trojan:Win32/Wacatac.D!ml
VBA32: BScope.Adware.Puamson
ALYac: Trojan.GenericKD.42984328
Panda: Trj/CI.A
GData: Trojan.GenericKD.42984328
AVG: FileRepMetagen [Malware]

How to remove Downloader.Win32.Yantai.hpq?

Downloader.Win32.Yantai.hpq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
