
Should I remove “Trojan-Downloader.Win32.OffLoader.qpv”?


Trojan-Downloader.Win32.OffLoader.qpv is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-Downloader.Win32.OffLoader.qpv virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.OffLoader.qpv?


File Info:

name: F28F1337CFFB25E56F38.mlw
path: /opt/CAPEv2/storage/binaries/59d6449463828a76d1dc4a179bce8130b52162fe230f557144c50993c2a17a85
crc32: 2F3E9B1B
md5: f28f1337cffb25e56f38b645806ef9be
sha1: 0a60906b3c7e1c5960bb70a306633537fe9b014c
sha256: 59d6449463828a76d1dc4a179bce8130b52162fe230f557144c50993c2a17a85
sha512: 265ebbf53f858c105e2396d970f1fcbd7e32885725f1e57cb52ba52473f2c48641e02753e428c45b544b5e4f251f1942de06eb58aa4f322741e032a9941afaee
ssdeep: 98304:ykL6oYWh8JAV/VH97F3tlQ+WTt29s4C1eH9U:d/QJAZVdVQ+6t5o9U
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18CE5F13FF268A13ED5AA1B3245739260997B7A51A81A8C0F07FC384CCF765701E3B656
sha3_384: c6aae1a632b25374beb62799c1292b3158dfb359d986b232fec66342e84970414e28f7b82503044503b6918b3f1045f7
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2023-02-15 14:54:16

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Fix FiveM has Stopped Responding DirectX query DXGI ERROR DE
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Fix FiveM has Stopped Responding DirectX query DXGI ERROR DE
ProductVersion: 1.0
Translation: 0x0000 0x04b0

Trojan-Downloader.Win32.OffLoader.qpv also known as:

Bkav: W32.AIDetectMalware
K7AntiVirus: Trojan-Downloader ( 005a54591 )
K7GW: Trojan-Downloader ( 005a54591 )
Cyren: W32/OffLoader.B.gen!Eldorado
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.GWO
Kaspersky: Trojan-Downloader.Win32.OffLoader.qpv
Avast: Win32:Malware-gen
F-Secure: Trojan.TR/Dldr.Agent.pptwy
Sophos: Mal/Generic-S
Webroot: W32.Trojan.Gen
Google: Detected
Avira: TR/Dldr.Agent.pptwy
ZoneAlarm: Trojan-Downloader.Win32.OffLoader.qpv
Microsoft: Trojan:Win32/OffLoader.ASD!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.OffLoader.R593443
Tencent: Malware.Win32.Gencirc.10bf1845
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Agent.0360!tr
AVG: Win32:Malware-gen
Cybereason: malicious.b3c7e1

How to remove Trojan-Downloader.Win32.OffLoader.qpv?

Trojan-Downloader.Win32.OffLoader.qpv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
