VRQUploadFiles.exe

VRQTool Application

Symantec Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘VRQ Uploader’. This is installed with NortonVRQ.
Publisher:
Symantec Corporation  (signed and verified)

Product:
VRQTool Application

Version:
5.0.2.10

MD5:
d56ed32a0ae6eb8800f231c8242fd671

SHA-1:
72bc77a8c1f32c76aa70967effa87122f694bd72

SHA-256:
2c55026903abba49b1866823dbc0ed947cba7e77bb119868f310a095f06b2ebb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/3/2016 5:59:48 AM UTC  (today)

File size:
1.3 MB (1,337,712 bytes)

Product version:
5.0

Copyright:
Copyright © 2010 Symantec Corporation. All rights reserved.

Original file name:
VRQUploadFiles.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\nortonvrq\engine\5.0.2.10\vrquploadfiles.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/30/2007 8:00:00 PM

Valid to:
11/24/2010 6:59:59 PM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
758F5EE8263B6694719D8434EB998608

File PE Metadata
Compilation timestamp:
6/11/2010 12:09:47 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:3no1XDbXHlW8flSRRnjv2HHeEVgIEV1fTBATruDHHHnUtQfS8tNO0nOyYrN/jwu:XoRTHl1UJj2HHeEVg1VBTqTSDHHHnUtD

Entry address:
0x853A3

Entry point:
E8, A1, E4, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24...
 
[+]

Entropy:
6.7400

Code size:
707 KB (723,968 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VRQ Uploader

Command:
C:\Program Files\nortonvrq\engine\5.0.2.10\vrquploadfiles.exe


The file VRQUploadFiles.exe has been discovered within the following program.

NortonVRQ  by Symantec Corporation
The VRQ tool allows an engineer to search for and remove malicious programs that conventional anti-virus software is unable to remove. The tool does not offer continuous protection against virus or spyware threats, and should only be used after an infection has occurred.
www.symantec.com/techsupp
4% remove it
 
Powered by Should I Remove It?