hqavi.exe - Dangerous
hqavi.exe
Manual removal instructions:
Antivirus Report of hqavi.exe:
hqavi.exe
We suggest you to remove HQAVI.exe from your computer as soon as possible.
HQAVI.exe is Trojan/Backdoor.
Kill the process HQAVI.exe and remove HQAVI.exe from Windows startup.
HQAVI.exe is not related with Hqavi.com project!
File:
HQAVI.exe
Classification:
Antivirus Version Last Update Result
Avast 4.8.1335.0 2009.06.21 -
AVG 8.5.0.339 2009.06.22 Downloader.Zlob_r.FY
BitDefender 7.2 2009.06.22 -
Comodo 1392 2009.06.22 -
DrWeb 5.0.0.12182 2009.06.22 Trojan.Fakealert.4362
F-Secure 8.0.14470.0 2009.06.22 Trojan-Dropper.Win32.Agent.atxi
NOD32 4178 2009.06.22 Win32/Adware.SystemSecurity
Symantec 1.4.4.12 2009.06.22 Packed.Generic.234
Additional information
File size: 505655 bytes
MD5 : 36a978a2047c651dee966f549c2088b0
SHA1 : 5e5d65bafd703c9f8a1e7770eac4d7891891ea59
Installation
When the program is executed, it creates the following registry subkeys and values:
----------------------------------
Values added:3
----------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10190934: "C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\90200926: "C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline: 0x00000000
----------------------------------
Values modified:0
----------------------------------
----------------------------------
Files added:4
----------------------------------
C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
C:\Documents and Settings\All Users\Application Data\10190934\10190934.glu
C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
C:\Documents and Settings\All Users\Application Data\90200926.ini
----------------------------------
Files deleted:1
----------------------------------
C:\sand-box\HQAVI.exe
----------------------------------
Files [attributes?] modified:0
----------------------------------
----------------------------------
Folders added:2
----------------------------------
C:\Documents and Settings\All Users\Application Data\10190934
C:\Documents and Settings\All Users\Application Data\90200926
----------------------------------
Folders deleted:0
----------------------------------
----------------------------------
Total changes:10
----------------------------------
-------------------------------------------------------------------------------------
Detected by RegRun Reanimator:
Item Name: 10190934
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
Type: Registry Run
Item Name: 90200926
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
Type: Registry Run
Removal Results: Success
Number of reboot: 1
Recommended software:
UnHackMe anti-rootkit and anti-malware
http://www.unhackme.com
RegRun Security Suite (Good choice for removal and protection)
| hqavi.exe | Malware |
| hqavi.exe | Dangerous |
| hqavi.exe | High Risk |
HQAVI.exe is Trojan/Backdoor.
Kill the process HQAVI.exe and remove HQAVI.exe from Windows startup.
HQAVI.exe is not related with Hqavi.com project!
File:
HQAVI.exe
Classification:
Antivirus Version Last Update Result
Avast 4.8.1335.0 2009.06.21 -
AVG 8.5.0.339 2009.06.22 Downloader.Zlob_r.FY
BitDefender 7.2 2009.06.22 -
Comodo 1392 2009.06.22 -
DrWeb 5.0.0.12182 2009.06.22 Trojan.Fakealert.4362
F-Secure 8.0.14470.0 2009.06.22 Trojan-Dropper.Win32.Agent.atxi
NOD32 4178 2009.06.22 Win32/Adware.SystemSecurity
Symantec 1.4.4.12 2009.06.22 Packed.Generic.234
Additional information
File size: 505655 bytes
MD5 : 36a978a2047c651dee966f549c2088b0
SHA1 : 5e5d65bafd703c9f8a1e7770eac4d7891891ea59
Installation
When the program is executed, it creates the following registry subkeys and values:
----------------------------------
Values added:3
----------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10190934: "C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\90200926: "C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline: 0x00000000
----------------------------------
Values modified:0
----------------------------------
----------------------------------
Files added:4
----------------------------------
C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
C:\Documents and Settings\All Users\Application Data\10190934\10190934.glu
C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
C:\Documents and Settings\All Users\Application Data\90200926.ini
----------------------------------
Files deleted:1
----------------------------------
C:\sand-box\HQAVI.exe
----------------------------------
Files [attributes?] modified:0
----------------------------------
----------------------------------
Folders added:2
----------------------------------
C:\Documents and Settings\All Users\Application Data\10190934
C:\Documents and Settings\All Users\Application Data\90200926
----------------------------------
Folders deleted:0
----------------------------------
----------------------------------
Total changes:10
----------------------------------
-------------------------------------------------------------------------------------
Detected by RegRun Reanimator:
Item Name: 10190934
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
Type: Registry Run
Item Name: 90200926
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
Type: Registry Run
Removal Results: Success
Number of reboot: 1
Recommended software:
UnHackMe anti-rootkit and anti-malware
http://www.unhackme.com
RegRun Security Suite (Good choice for removal and protection)
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.