Determination: Bad
QJRKVY.EXE
AUTOMATED MALWARE PROFILE, ANALYSIS, REMOVAL AND SIGNATURE INFORMATION:
DEFINITION OF: QJRKVY.EXE
Safety Rating: Known Malware, do not run
Malware Family: Part of Malware group - Adware DailyToolbar
Malware Form: EXPLOIT
Protection: Prevx1 will protect, disinfect, cleanup and remove QJRKVY.EXE
Non Prevx Users: New users may cleanup and remove QJRKVY.EXE for free using the regular Prevx1 download
First seen: Jun 6 2006 (GMT)
Last seen: Today (GMT)
File Size: 13,312 bytes
MALWARE ASSESSMENT: PREVX 4 AXES OF EVIL METHODOLOGY
1. COVERT ANALYSIS OF: QJRKVY.EXE
File Names Used: 210
Paths Used: 21
Common File Name: QJRKVY.EXE
Common Path: %WINDIR%\SYSTEM32\
Vendor Information: No Vendor details specified
Version Information: 1.00
QJRKVY.EXE may use 210 or more path and file names, these are the most common:
1 :%windir%\system32\!!!!\WINFLASH.DLL
2 :%WINDIR%\SYSTEM32\WINFLASH.DLL
3 :%WINDIR%\SYSTEM32\XXX_QJRKVY.EXE
4 :?:\system volume informat...tore{?sid?}\rp{folder}\A0074927.EXE
File Name Structure: Common
File and Path Structure: Suspicious, unusually high number of file and path combinations
2. RELATIONSHIP ANALYSIS OF: QJRKVY.EXE
Malicious Objects Created: 1 objects
Malicious Creators: 2
Malware Run Keys: None
Self Persists:
Antivirus Detection: No third party antivirus detection observed
Anti-Spyware Detection: No third party anti-spyware detection observed
3. ACTIVITY ANALYSIS OF: QJRKVY.EXE
The following behaviors have been observed for this object:
Installs programs.
Runs other programs.
Hijacks running processes.
Creates known malware.
4. PROPAGATION ANALYSIS OF: QJRKVY.EXE
Malware Group Propagation Rate: Epidemic levels
Malware Group: Adware DailyToolbar
Copyright Prevx Limited 2005, 2006
http://fileinfo.prev...QJRKVY.EXE.html
Please follow the procedures outlined here: Malware Removal Guide
You will need a PC which can connect to the internet.
Run all the programmes as advised, then post a current Hijack This Log in a new topic in the Malware Forum.
For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response.
If you are unable to run any of the programmes, please ask for advice in the Malware Forum.