hqavi.exe - Dangerous


Manual removal instructions:

Antivirus Report of hqavi.exe:
hqavi.exe Malware
hqavi.exeHigh Risk
We suggest you to remove HQAVI.exe from your computer as soon as possible.
HQAVI.exe is Trojan/Backdoor.
Kill the process HQAVI.exe and remove HQAVI.exe from Windows startup.
HQAVI.exe is not related with Hqavi.com project!


Antivirus Version Last Update Result
Avast 4.8.1335.0 2009.06.21 -
AVG 2009.06.22 Downloader.Zlob_r.FY
BitDefender 7.2 2009.06.22 -
Comodo 1392 2009.06.22 -
DrWeb 2009.06.22 Trojan.Fakealert.4362
F-Secure 8.0.14470.0 2009.06.22 Trojan-Dropper.Win32.Agent.atxi
NOD32 4178 2009.06.22 Win32/Adware.SystemSecurity
Symantec 2009.06.22 Packed.Generic.234
Additional information
File size: 505655 bytes
MD5 : 36a978a2047c651dee966f549c2088b0
SHA1 : 5e5d65bafd703c9f8a1e7770eac4d7891891ea59

When the program is executed, it creates the following registry subkeys and values:

Values added:3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10190934: "C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\90200926: "C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline: 0x00000000

Values modified:0

Files added:4
C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
C:\Documents and Settings\All Users\Application Data\10190934\10190934.glu
C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
C:\Documents and Settings\All Users\Application Data\90200926.ini

Files deleted:1

Files [attributes?] modified:0

Folders added:2
C:\Documents and Settings\All Users\Application Data\10190934
C:\Documents and Settings\All Users\Application Data\90200926

Folders deleted:0

Total changes:10

Detected by RegRun Reanimator:

Item Name: 10190934
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\10190934\10190934.exe
Type: Registry Run

Item Name: 90200926
Author: Microsoft Corporation
Related File: C:\Documents and Settings\All Users\Application Data\90200926\90200926.exe
Type: Registry Run

Removal Results: Success
Number of reboot: 1

Recommended software:
UnHackMe anti-rootkit and anti-malware
RegRun Security Suite (Good choice for removal and protection)

Remove hqavi.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.


You can read UnHackMe testimonials here.