MSIL/TrojanDownloader.Agent.LQV removal tips

MSIL/TrojanDownloader.Agent.LQV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.LQV virus do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.LQV?

File Info:

name: F1A94D03F9B3D659711E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2078-10-28 12:08:46

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: ZENITH
FileVersion: 1.0.0.0
InternalName: ZENITH.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: ZENITH.exe
ProductName: ZENITH
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDownloader.Agent.LQV also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.f1a94d03f9b3d659
McAfee: Artemis!F1A94D03F9B3
Alibaba: TrojanPSW:MSIL/Agensla.c6dfa688
Cyren: W32/MSIL_Kryptik.GQJ.gen!Eldorado
Symantec: MSIL.Downloader!gen7
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.LQV
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
Avast: Win32:PWSX-gen [Trj]
McAfee-GW-Edition: Artemis
SentinelOne: Static AI – Suspicious PE
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win32.Abnores.C3027453
BitDefenderTheta: Gen:NN.ZemsilF.34638.bm2@a8G50Do
TrendMicro-HouseCall: TROJ_GEN.R06CH0CE522
Fortinet: MSIL/Agent.LFL!tr.dldr
AVG: Win32:PWSX-gen [Trj]

How to remove MSIL/TrojanDownloader.Agent.LQV?

MSIL/TrojanDownloader.Agent.LQV removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.