» hd-quality-v3-bg.exe
Overview
Analysis
File Details
Programs (1)

hd-quality-v3-bg.exe

Airwaves Moves

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application hd-quality-v3-bg.exe, “HD-Quality-v3 exe” by Airwaves Moves has been detected as adware by 19 anti-malware scanners. This file is typically installed with the program HD-Quality-v3 by Motoko Group which is a potentially unwanted software program. Part of the Corssrider web browser platform, the BG executable is a background process that manage various function of the installed extensions in user's browser including managing installation, updates and remote code downloads. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

Publisher:

HD-Quality-v3 (signed by Airwaves Moves)

Product:

HD-Quality-v3

Description:

HD-Quality-v3 exe

Version:

1000.1000.1000.1000

MD5:

4563e0678b9ad666c64af54cbd788c0e

SHA-1:

d837bee0e8826202d3530860e0672f5fa16daa9a

SHA-256:

ce722ea3e568b59b353ba81f35441d34b7b4ff7f943372178b2a0ea6e1bb9030

Scanner detections:

19 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Airwaves Moves.

Analysis date:

5/3/2024 6:55:45 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/CrossRider.Gen2

7.11.172.156

AVG

Generic

2015.0.3351

Dr.Web

Trojan.Crossrider.31855

9.0.1.0258

ESET NOD32

Win32/Toolbar.CrossRider.AL potentially unwanted application

8.7.0.302.0

G Data

Win32.Adware.Crossrider

14.9.24

herdProtect (fuzzy)

variant of hquality-v3-bg.exe (Adware)

2014.11.14.2

IKARUS anti.virus

Trojan.GoogUpdate

t3scan.1.7.8.0

Kaspersky

not-a-virus:AdWare.NSIS.Adwapper

14.0.0.3248

Malwarebytes

PUP.Optional.HDQuality.A

v2014.09.15.08

McAfee

Artemis!4563E0678B9A

5600.7007

NANO AntiVirus

Riskware.Win32.Toolbar.decvop

0.28.2.62151

Panda Antivirus

Trj/Genetic.gen

14.09.15.08

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.Crossrider.AirwavesMoves.Q

14.9.15.8

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.14913

Sophos

Generic PUA NI

4.98

Vba32 AntiVirus

AdWare.Adwapper

3.12.26.3

VIPRE Antivirus

Threat.4789396

32938

Zillya! Antivirus

Trojan.GoogUpdate.Win32.2338

2.0.0.1925

File size:

622.4 KB (637,336 bytes)

Product version:

1000.1000.1000.1000

Original file name:

HD-Quality-v3.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\hd-quality-v3\hd-quality-v3-bg.exe

Digital Signature

Signed by:

Airwaves Moves

Authority:

COMODO CA Limited

Valid from:

8/14/2014 1:00:00 AM

Valid to:

8/15/2015 12:59:59 AM

Subject:

CN=Airwaves Moves, O=Airwaves Moves, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

1B38D9E53AEB06C578CCDBFFEAA46567

File PE Metadata

Compilation timestamp:

9/2/2014 11:07:08 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:ANC9i2p10ASvZ+j3QvLISdYZXaqnXJsNNeT2YY:0TcZR1Fo8WNgTw

Entry address:

0x51948

Entry point:

E8, 5F, CC, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, A0, 4B, 49, 00, E8, 52, 49, 00, 00, E8, C6, 1C, 00, 00, 0F, B7, F0, 6A, 02, E8, F2, CB, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 70, 51, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.4617

Code size:

494.5 KB (506,368 bytes)

The file hd-quality-v3-bg.exe has been discovered within the following program.

HD-Quality-v3 by Motoko Group

HD-Quality / Cinema Plus is an advertising supported (adware) extension that runs in the context of the user's web browser as well as a process in the background.

crossrider.com/install/61788-cinema-plus-1-2c

83% remove it

Remove hd-quality-v3-bg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.