Determining whether a file is malware or a legitimate process sometimes depends on the location
(path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location (folder) than where the legitimate file resides and runs from there. Another techinique is for the process to alter the registry and add itself as a Startup program
or service so that it can run automatically each time the computer is booted.
Anytime you come across a suspicious file or one that you do not recognize, search the name using Google <- click here for an example
If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to Jotti's virusscan
. In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.Prevx's Investigation Report of the file "mqsv32.exe"
What did avast do with that file?