How to remove "Win32:Dropper-JQQ [Drp]"?

The Win32:Dropper-JQQ [Drp] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32:Dropper-JQQ [Drp] virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (4 unique times)
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
Uses Windows utilities for basic functionality
Sniffs keystrokes
A process attempted to delay the analysis task by a long amount of time.
Installs itself for autorun at Windows startup
Likely virus infection of existing system binary
Anomalous binary characteristics

Related domains:

www.wk1888.com

www.af0575.com

www.fz0575.com

How to determine Win32:Dropper-JQQ [Drp]?


File Info:
crc32: 88DAA8FC
md5: b94514d2c96e89e30ac9a1162e0cf33c
name: B94514D2C96E89E30AC9A1162E0CF33C.mlw
sha1: f207b38d8106a82518627946fff3e26e76671b96
sha256: 4a4df4b7b6fa96a888247a84d004604f88fd3cb7c2c2ce55caaa43a419e75f03
sha512: f8e621e6ecd8c0f2339b06607718432a89204b823428ab7fbf98d7b400a6e895bb42a45ea146eca38c22449239c12e2bf631bbebd5bbd77b598e7f6d9bc6cb05
ssdeep: 24576:25Oh8v5wcO4l5axzhl4GKz0iPz3McGJJYtvjo:C2q5Ljl5advoY6z8OtvE
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32:Dropper-JQQ [Drp] also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 003564d61 )
Elastic	malicious (high confidence)
DrWeb	Trojan.SpyBot.592
Cynet	Malicious (score: 99)
CAT-QuickHeal	Backdoor.Zegost.B
ALYac	Dropped:Trojan.GenericKD.31060208
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (W)
Alibaba	TrojanDropper:Win32/Dorv.15616591
K7GW	Trojan ( 003564d61 )
Cybereason	malicious.2c96e8
Baidu	Win32.Trojan.Dialer.d
Cyren	W32/Zegost.MYEI-4034
Symantec	Backdoor.Trojan
ESET-NOD32	multiple detections
Zoner	Trojan.Win32.22067
APEX	Malicious
Avast	Win32:Dropper-JQQ [Drp]
ClamAV	Win.Malware.Generickdz-6957625-0
Kaspersky	HEUR:Trojan.Win32.Farfli.gen
BitDefender	Dropped:Trojan.GenericKD.31060208
NANO-Antivirus	Trojan.Win32.Scar.bcbyug
MicroWorld-eScan	Dropped:Trojan.GenericKD.31060208
Ad-Aware	Dropped:Trojan.GenericKD.31060208
Sophos	ML/PE-A + Troj/Scar-BZ
Comodo	Worm.Win32.Dropper.RA@1qraug
BitDefenderTheta	AI:Packer.EEAC388A20
TrendMicro	BKDR_ZEGOST.AD
McAfee-GW-Edition	Exploit-MS03-043.a
FireEye	Dropped:Trojan.GenericKD.31060208
Emsisoft	Dropped:Trojan.GenericKD.31060208 (B)
Jiangmin	Trojan.Generic.cakkw
Avira	HEUR/AGEN.1111177
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASBOL.B06
Microsoft	Trojan:Win32/Dorv.A
ZoneAlarm	HEUR:Trojan.Win32.Farfli.gen
GData	Win32.Trojan.PSE.19Q2126
McAfee	Artemis!B94514D2C96E
MAX	malware (ai score=81)
VBA32	SScope.Trojan.SvcHorse.01643
Malwarebytes	Backdoor.Farfli
Panda	Trj/CI.A
TrendMicro-HouseCall	BKDR_ZEGOST.AD
Rising	Trojan.Injector!1.A1C3 (CLASSIC)
Yandex	Trojan.GenAsa!pd90PKR7MRk
Ikarus	Trojan.Win32.Dialer
Fortinet	W32/Farfli.PZ!tr
AVG	Win32:Dropper-JQQ [Drp]
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Dorv.HyoDXBIB

How to remove Win32:Dropper-JQQ [Drp]?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Win32:Dropper-JQQ [Drp]”?