Should I block it?

98%
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections

Relationships


PE structurePE file structure

Show functions
Import table
msvcrt.dll
DllMain

winqmvwk.exe

Remove winqmvwk.exe
MD5:   76cc008cf55ca8c23ec44b6df425b7ca
SHA1:   c9b21cd938174f74801d74a458cff96b0e4b7f64
SHA256:   f8c3feca61bbb2a8991245071412c0149b0e1d148bde90b2c058f0d2e4733b2f
Warning 42 antivirus scanners has detected malware.

Overview

winqmvwk.exe is malware that executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges) typically within the context of its parent gsvr.exe (by GIGABYTE UNITED INC). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked.

DetailsDetails

File name:winqmvwk.exe
Typical file path:C:\windows\temp\winqmvwk.exe
Size:12.67 KB (12,970 bytes)
Digital DNA
PE subsystem:Windows GUI
File packed:Yes
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\WINDOWS\TEMP\winarfoo.exe'
  • Firewall exception for 'C:\WINDOWS\TEMP\winqmvwk.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 42 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 Trojan.Agent!t1MhnnZMztg
AhnLab V3 Internet Security 2013.03.04 Trojan/Win32.CSon
Avira AntiVir 7.11.63.114 TR/Proxy.Pramro.F.3
avast! 6.0.1289.0 Win32:Sality-GR
AVG 2014.0.3629 BackDoor.Generic16.ATPI
BitDefender 7.2 Trojan.Agent.AYVR
CAT Quick Heal 4.13.12.00 Backdoor.Mazben.iy.cw3
Clam AntiVirus 0.97.3.0 Win.Trojan.Pramro-3
Commtouch 5.4.1.7 W32/Heuristic-170!Eldorado
Comodo Internet Security 15445 Backdoor.Win32.Agent.lec
Dr.Web 8.13.4.20 Trojan.NtRootKit.6725
Emsisoft Anti-Malware None Trojan.Win32.Agent (A)
ESET NOD32 7.8072 Win32/Agent.HLU
Fortinet 5.0.43.0 W32/Mazben.IY!tr
F-Prot v6.4.6.5.141 W32/Heuristic-170!Eldorado
F-Secure 11.0.19020.35 Trojan.Agent.AYVR
G Data 13.4.22 Trojan.Agent.AYVR
Ikarus T3.1.4.0.0 Virus.Win32.Sality
Jiangmin 16.0.100 Backdoor.Generic.vgh
K7 AntiVirus 9.161.8284 Proxy-Program
Kaspersky 9.0.0.837 Backdoor.Win32.Mazben.iy
Kingsoft 2013.1.8.219 Win32.Hack.Undef.(kcloud)
Malwarebytes 1.62.0.140 Trojan.Agent
McAfee 5.400.1158 Generic.oa
McAfee Gateway Anti-Malware v2012.1-dat Generic.oa
Microsoft Security Essentials 1.9203.0 TrojanProxy:Win32/Pramro.F
NANO AntiVirus 0.22.8.50837 Trojan.Win32.Mazben.belkki
Norman 7.00.22 Pramro.C
nProtect 2013-03-03.01 Trojan-Downloader/W32.Small_Packed.12970.P
Panda Antivirus 10.0.3.5 Trj/Mailbot.GH
PC Tools 9.0.0.2 Trojan.Pramro
Rising Antivirus 24.51.02.04 Trojan.Proxy.Win32.Promro.a
Sophos 4.86.0 Mal/TinyDL-T
SUPERAntiSpyware 5.6.0.1008 Trojan.Agent/Gen-FraudPack
Symantec 20121.3.0.76 Trojan.Pramro
The Hacker None Posible_Worm32
Total Defense 37.0.10317 Win32/Maazben!generic
Trend Micro 9.740.0.1012 TROJ_PRAMRO.JEM
Trend Micro HouseCall 9.700.0.1001 TROJ_PRAMRO.JEM
Vba32 AntiVirus 3.12.20.2 Malware-Cryptor.Zhelatin.Net
VIPRE Antivirus 15846 Trojan.Win32.Generic!BT
ViRobot 2011.4.7.4223 Backdoor.Win32.A.Mazben.12970.H[UPX]

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00589979%
0.028634%
Kernel CPU:0.00099831%
0.013761%
User CPU:0.00490148%
0.014873%
Kernel CPU time:1,563 ms/min
100,923,805ms/min
Context switches:1/sec
284/sec
Memory
Private memory:1.45 MB
21.59 MB
Private (maximum):3.31 MB
Private (minimum):3.27 MB
Non-paged memory:1.45 MB
21.59 MB
Virtual memory:26.55 MB
140.96 MB
Virtual memory (peak):27.55 MB
169.69 MB
Working set:3.3 MB
18.61 MB
Working set (peak):3.31 MB
37.95 MB
Resource allocations
Threads:5
12
Handles:86
600
GUI GDI count:4
103
GUI USER count:1
49

BehaviorsProcess properties

Integrety level:Undefined
Platform:32-bit
Command lines:
  • C:\windows\temp\winarfoo.exe
  • C:\windows\temp\winqmvwk.exe
Owner:SYSTEM
Parent process:gsvr.exe (by GIGABYTE UNITED INC)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 100.00%

Distribution by countryDistribution by country

Indonesia installs about 100.00% of winqmvwk.exe.
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE