Channel: How to Remove Malware

“Windows Antivirus Booster” is Trojan FakeAV


The file SVC-QTMN.EXE is identified as a Trojan program used for stealing bank information and users' passwords.
To delete SVC-QTMN.EXE, we suggest using UnHackMe:
http://www.unhackme.com

Malware Analysis of “Windows Antivirus Booster”
Full path on a computer: %Appdata%\svc-qtmn.exe

Detected by RegRun Warrior:

Item Name: FAV-S
Author:
Current Setting: %APPDATA%\SVC-QTMN.EXE
Type: Registry Run

Item Name: svc-qtmn.exe
Author: Unknown
Related File: %APPDATA%\SVC-QTMN.EXE
Type: Detected using Heuristic Algorithm

Removal Results: Success
Number of reboot: 1

“Windows Antivirus Booster” is known as:

Trojan.FakeAV, AdWare.WindowsExpertConsole

“Windows Antivirus Booster” hash:

  • MD5: 4a88ec36b594fa0204435106a1144c44

The file tries to connect to a dangerous web site.

How to quickly detect the presence of “Windows Antivirus Booster”?

Registry:
  • HKLM\System\CurrentControlSet\Services\bckd\ImagePath: “33.sys”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FAV-S: “%Appdata%\svc-????.exe”
Files:
  • %Appdata%\data.sec
  • %Appdata%\svc-????.exe

