How to remove $R0OK5QW.exe
- File Details
- Overview
- Analysis
$R0OK5QW.exe
The module $R0OK5QW.exe has been detected as PUP.Uniblue
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
efe88ee44ea2e52046e9efaccc7349d0 |
| Size: |
27 KB |
| First Published: |
2017-12-06 21:04:25 (7 years ago) |
| Latest Published: |
2019-10-25 12:34:11 (5 years ago) |
| Status: |
PUP.Uniblue (on last analysis) |
|
| Analysis Date: |
2019-10-25 12:34:11 (5 years ago) |
Overview
| %programfiles%\uniblue\driverscanner |
| %programfiles%\uniblue |
| %sysdrive%\adwcleaner\quarantine\files\yrrjekcmrjizywhwqietzvidrjrhsfmt |
| %sysdrive%\$recycle.bin\s-1-5-21-999861514-581272262-3496697415-1001 |
| %sysdrive%\$recycle.bin |
| %sysdrive%\archivos de programa\uniblue |
| %sysdrive% |
| %sysdrive%\adwcleaner\quarantine\exuieaoeii |
| %sysdrive%\новая папка\uniblue |
| %sysdrive%\adwcleaner\quarantine\v1\20180513.104805\2\uniblue |
| thirdpartyinstaller.exe |
| $R0OK5QW.exe |
| thirdpartyinstaller.exe#DE66B38764014B53 |
|
19.7% |
|
|
12.1% |
|
|
9.1% |
|
|
7.6% |
|
|
7.6% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
| Windows 7 |
49.3% |
|
| Windows 10 |
43.3% |
|
| Windows XP |
3.0% |
|
| Windows 8.1 |
1.5% |
|
| Windows Vista |
1.5% |
|
| Windows 8 |
1.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00002c61 |
| Name |
Size of data |
MD5 |
| .text |
8704 |
ab7fd1103df6d4ec0a82f79204213e42 |
| .rdata |
2560 |
0c8b0c00f391932a8e0e81df99214288 |
| .data |
3072 |
13556f9e9adc6120e7002ab81a0d5503 |
| .rsrc |
6144 |
48b079effc7574db6c3944ca0aedc214 |
