Win32/PSW.OnLineGames.QFB removal instructions

Win32/PSW.OnLineGames.QFB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/PSW.OnLineGames.QFB virus do?

  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Win32/PSW.OnLineGames.QFB?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

CompiledScript: AutoIt v3 Script: 3, 3, 6, 1
FileVersion: 3, 3, 6, 1
FileDescription:
Translation: 0x0809 0x04b0

Win32/PSW.OnLineGames.QFB also known as:

Engine                Detection name
K7AntiVirus           Trojan ( 700000111 )
Lionic                Trojan.Win32.Banbra.lzKU
DrWeb                 Win32.HLLW.Autoruner1.28843
Cynet                 Malicious (score: 99)
ALYac                 Trojan.GenericKD.38017094
Cylance               Unsafe
Zillya                Trojan.AutoIT.Win32.13093
Alibaba               TrojanPSW:Win32/OnLineGames.04d2b719
K7GW                  Trojan ( 700000111 )
Symantec              Trojan.Gen.MBT
ESET-NOD32            Win32/PSW.OnLineGames.QFB
APEX                  Malicious
Avast                 Win32:Malware-gen
Kaspersky             Trojan.Win32.Autoit.aur
BitDefender           Trojan.GenericKD.38017094
NANO-Antivirus        Trojan.Win32.Autoit.coddhr
MicroWorld-eScan      Trojan.GenericKD.38017094
Tencent               Win32.Trojan.Autoit.Wwye
Ad-Aware              Trojan.GenericKD.38017094
Sophos                Mal/Generic-S
Comodo                Malware@#2zovla6x1tcu6
VIPRE                 Trojan.Win32.Generic!BT
McAfee-GW-Edition     BehavesLike.Win32.BadFile.fc
FireEye               Trojan.GenericKD.38017094
Emsisoft              Trojan.GenericKD.38017094 (B)
Jiangmin              Trojan.Reconyc.bvn
Avira                 TR/Spy.Antikick.C
Microsoft             Trojan:Win32/Wacatac.B!ml
GData                 Trojan.GenericKD.38017094
McAfee                Artemis!DEEC61719A04
MAX                   malware (ai score=85)
Panda                 Trj/CI.A
TrendMicro-HouseCall  TROJ_GEN.R002H0CKD21
Ikarus                Trojan.Win32.Autoit
MaxSecure             Win.MxResIcn.Heur.Gen
Fortinet              W32/Autoit.AUR!tr
AVG                   Win32:Malware-gen

How to remove Win32/PSW.OnLineGames.QFB?

Win32/PSW.OnLineGames.QFB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
