How to remove “Trojan-Downloader.Win32.QQHelper.vk”?

The Trojan-Downloader.Win32.QQHelper.vk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.QQHelper.vk virus do?

  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Trojan-Downloader.Win32.QQHelper.vk?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2020 Microsoft
InternalName: EventSystemManager
FileVersion: 1.0.0.2
CompanyName: Microsoft
ProductName: Microsoft
ProductVersion: 1.0.0.2
FileDescription: Microsoft
OriginalFilename: EventSystemManager
Translation: 0x0804 0x04b0

Trojan-Downloader.Win32.QQHelper.vk also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.RP.qu0@bG9t!Upj
FireEye: Generic.mg.511aabef39045dfd
ALYac: Gen:Trojan.Heur.RP.qu0@bG9t!Upj
SUPERAntiSpyware: Trojan.Agent/Gen-MSFake[Less]
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.f39045
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Downloader.Win32.QQHelper.vk
BitDefender: Gen:Trojan.Heur.RP.qu0@bG9t!Upj
Paloalto: generic.ml
Ad-Aware: Gen:Trojan.Heur.RP.qu0@bG9t!Upj
F-Secure: Trojan.TR/Downloader.Gen2
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Heur.RP.qu0@bG9t!Upj
Avira: TR/Downloader.Gen2
MAX: malware (ai score=87)
Arcabit: Trojan.Heur.RP.EA4FB5
ZoneAlarm: Trojan-Downloader.Win32.QQHelper.vk
Cynet: Malicious (score: 100)
Rising: Downloader.QQHelper!8.4B1 (CLOUD)
Ikarus: Trojan.Win32.Agent
Fortinet: W32/QQHelper.VK!tr.dldr
BitDefenderTheta: AI:Packer.E028BC071F
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Win32/TrojanDownloader.Generic.HgIASPoA

How to remove Trojan-Downloader.Win32.QQHelper.vk?

Trojan-Downloader.Win32.QQHelper.vk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
