NSIS/TrojanDownloader.QQHelper.NAB.Gen removal instruction

The NSIS/TrojanDownloader.QQHelper.NAB.Gen is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What NSIS/TrojanDownloader.QQHelper.NAB.Gen virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid

How to determine NSIS/TrojanDownloader.QQHelper.NAB.Gen?


File Info:
name: A5E0475DC8B729D99F6B.mlw
path: /opt/CAPEv2/storage/binaries/89b5d4c578c19d126479caab3a421c5147374c160ab822a5c4556fa1fa78227e
crc32: DA4BB71A
md5: a5e0475dc8b729d99f6b45672ef40891
sha1: e80df0ee2dca25cbb4525e09f6a148edec64b913
sha256: 89b5d4c578c19d126479caab3a421c5147374c160ab822a5c4556fa1fa78227e
sha512: b35a211941da97b5d340489970339ad49be79b347a37d7f9e236859ee59a2b301f34af3a016b8b0058940b4cbc7b5a5590888910a296d62164ab8b58a26811c1
ssdeep: 1536:XPgXwpm4RmzZwCnUF2ICqdkJI6JJV5z8c9l:XPgXLdqF2fqdkJIK9z8c9l
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11C23BE422370C473C83A16B00E7AA7ABDFB2651116A1575717A02F5EBD33493DA2E2CB
sha3_384: 98a6ad5ca1be96649615710d589d6b02b1313317c94ff4bba0b9cf6a93e5d760f9e2348810790f3c1b4efd8f04e43196
ep_bytes: 83ec2053555633db57895c2418c74424
timestamp: 2005-07-29 01:03:30

Version Info:
0: [No Data]

NSIS/TrojanDownloader.QQHelper.NAB.Gen also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
ClamAV	Win.Downloader.24749-2
FireEye	Generic.mg.a5e0475dc8b729d9
Cybereason	malicious.e2dca2
Baidu	NSIS.Trojan-Downloader.QQHelper.a
VirIT	Trojan.Win32.Agent.DAC
Symantec	Downloader
ESET-NOD32	NSIS/TrojanDownloader.QQHelper.NAB.Gen
APEX	Malicious
Cynet	Malicious (score: 99)
Kaspersky	Trojan-Downloader.NSIS.Agent.m
NANO-Antivirus	Trojan.Nsis.Dwn.dgzhmn
Avast	NSIS:Agent-KLB [Trj]
Tencent	Nsis.Trojan-Downloader.Ader.Najl
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Adware.QQHelp
Sophos	Mal/Behav-126
Ikarus	Trojan-Downloader.Win32.QQHelper
Jiangmin	TrojanDownloader.NSIS.am
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan[Downloader]/NSIS.QQHelper.nab
ZoneAlarm	Trojan-Downloader.NSIS.Agent.m
Microsoft	TrojanDownloader:Win32/QQHelper.KA
Google	Detected
VBA32	TrojanSpy.Agent
Cylance	unsafe
AVG	NSIS:Agent-KLB [Trj]
CrowdStrike	win/malicious_confidence_60% (D)

How to remove NSIS/TrojanDownloader.QQHelper.NAB.Gen?

NSIS/TrojanDownloader.QQHelper.NAB.Gen removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X