Win32/Adware.HPDefender.CQC information

The Win32/Adware.HPDefender.CQC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Adware.HPDefender.CQC virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Win32/Adware.HPDefender.CQC?


File Info:
name: 3E0FD799BA4923F08A20.mlw
path: /opt/CAPEv2/storage/binaries/3e7f789b972e81375cba05db969e3f5c3b53f9dd63df64a566bc0880dc20e5df
crc32: 7210C1A3
md5: 3e0fd799ba4923f08a20793016a14f78
sha1: 26c7e629bcbeebf229cb6ac7f63f5310b248edfa
sha256: 3e7f789b972e81375cba05db969e3f5c3b53f9dd63df64a566bc0880dc20e5df
sha512: 40475908ce22224e5c569dae6a095d946d1d7785aa089ccf6614a783f0d659c3c8f18ba63b6312fe010a10b7ae1698258f3fb7480d2f3722c590eb55d70bbb6b
ssdeep: 6144:VJOMad2Xk4YVr1cN69a6zHDJNXTTy9yAwuP5KfEkPhKFIcLok96cKRRGLoQxcXsX:FauYVRTrgtqMU8/fo/GYrUuL1icdyw+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T174D4193039FA5029F173AE765FE8B696D96FF6333735189F204143064A23981EE6173A
sha3_384: 0c8c10516f637f3d4c7178f32d7b83d7d8a95d987c5e357c452da5926cee23dd0a7352ee449a14be57e22371329c1fb8
ep_bytes: e80b030000e980feffff558bec56ff75
timestamp: 2017-12-02 10:12:25

Version Info:
ProductName: Uacyo
FileDescription: Fiowseedsa EYGSI Smiogopoo
OriginalFilename: Wdaimzivmi.exe
InternalName: Wdaimzivmi
Translation: 0x0409 0x04b0

Win32/Adware.HPDefender.CQC also known as:

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Symmi.98212
FireEye	Generic.mg.3e0fd799ba4923f0
ALYac	Gen:Variant.Symmi.98212
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Alibaba	Malware:Win32/km_2e96710.None
Cybereason	malicious.9ba492
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Adware.HPDefender.CQC
APEX	Malicious
Paloalto	generic.ml
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
BitDefender	Gen:Variant.Symmi.98212
NANO-Antivirus	Riskware.Win32.HPDefender.evyhnd
SUPERAntiSpyware	Adware.HPDefender/Variant
Avast	Win32:Adware-gen [Adw]
Tencent	Win32.Trojan.Zusy.Lkeh
Ad-Aware	Gen:Variant.Symmi.98212
Sophos	Generic PUA CG (PUA)
Comodo	ApplicUnwnt@#1yfj9d09zqtwm
Zillya	Adware.Hpdefender.Win32.121
McAfee-GW-Edition	BehavesLike.Win32.Generic.jh
Emsisoft	Gen:Variant.Symmi.98212 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Symmi.98212
Avira	HEUR/AGEN.1213110
Antiy-AVL	Trojan/Generic.ASMalwS.3285BE4
ViRobot	Adware.Hpdefender.652800
Microsoft	Trojan:Win32/Occamy.C3E
Cynet	Malicious (score: 99)
AhnLab-V3	Adware/Win32.HPDefender.C2668316
Acronis	suspicious
McAfee	PUP-XDL-HU
MAX	malware (ai score=99)
VBA32	BScope.Adware.Hpdefender
Malwarebytes	MachineLearning/Anomalous.100%
Rising	Trojan.Bitrep!8.F596 (CLOUD)
Ikarus	PUA.HPDefender
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/HPDefender
BitDefenderTheta	Gen:NN.ZexaF.34606.NC0@a4CSMdli
AVG	Win32:Adware-gen [Adw]
Panda	Trj/GdSda.A
CrowdStrike	win/grayware_confidence_100% (D)

How to remove Win32/Adware.HPDefender.CQC?

Win32/Adware.HPDefender.CQC removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X