Troj/MSIL-QVQ removal tips

The Troj/MSIL-QVQ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Troj/MSIL-QVQ virus can do?

Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Troj/MSIL-QVQ?


File Info:
name: 1E803093A11190E031CC.mlw
path: /opt/CAPEv2/storage/binaries/450f2746e4fb3576ff0226f32cde3b5229d5beb7bd57c323924acfe7da52defd
crc32: 932A3F09
md5: 1e803093a11190e031cc7f0b5aed3e37
sha1: 22950c1460b41aff9d9fe94bdfbba8face971621
sha256: 450f2746e4fb3576ff0226f32cde3b5229d5beb7bd57c323924acfe7da52defd
sha512: 9f688f6d819f331ef9c3f504dd2e2e81346732dd0711504ccc407237ae68c721a39ed050573bca3b09b5526b0fff4689bc4f944b57a950d14c4171068d2b50ca
ssdeep: 96:aFnmIraBscE2VYlnlYJnLEM/mTL0Kf1eg1VtXmrLhlK:axmBVInlYJL/eTLTR
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T13FC1C81697F44272C69B07730DF32B425B71D704EFA7EB6F0890A33259E35484663676
sha3_384: 22dc305533d65272a66a1d74775733b9111f284a934434a51be075324f05c7461c9cc576e3f1e1ff5a25633050f4dbb9
ep_bytes: ff250020400000000000000000000000
timestamp: 2016-08-02 14:25:20

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: luswfer9.dll
LegalCopyright:  
OriginalFilename: luswfer9.dll
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Troj/MSIL-QVQ also known as:

Bkav	W32.Jnk.ZegostTTc.Worm
Lionic	Trojan.Win32.Generic.4!c
Skyhigh	BehavesLike.Win32.BadFile.xt
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 004f17611 )
K7GW	Trojan ( 004f17611 )
CrowdStrike	win/malicious_confidence_70% (W)
Symantec	SecurityRisk.gen1
Sophos	Troj/MSIL-QVQ
SentinelOne	Static AI – Malicious PE
Varist	W32/MSIL_Agent.BSW.gen!Eldorado
Microsoft	Trojan:Win32/Zpevdo.B
ViRobot	Trojan.Win32.Small.6144.T
Google	Detected
McAfee	Artemis!1E803093A111
Rising	Trojan.Agent!1.A47E (CLASSIC)
Ikarus	Backdoor.Win32.Zegost
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.BSW!tr
DeepInstinct	MALICIOUS

How to remove Troj/MSIL-QVQ?

Troj/MSIL-QVQ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X