How to remove QyUpdate.exe.vir

QyUpdate.exe.vir

The module QyUpdate.exe.vir has been detected as PUP.Qiyi

QyUpdate.exe.vir
Remove QyUpdate.exe.vir

File Details

Product Name:

爱奇艺影音
Company Name:

爱奇艺
MD5: 475a9c0ec0338bdbde18cf0e1e7f0547
Size: 307 KB
First Published: 2017-06-14 10:08:59 (7 years ago)
Latest Published: 2021-08-13 20:30:10 (3 years ago)
Status: PUP.Qiyi (on last analysis)
Analysis Date: 2021-08-13 20:30:10 (3 years ago)

Overview

Signed By: BEIJING QIYI CENTURY SCIENCE@amp;TECHNOLOGY CO.,LTD.
Status: Valid

Common Places:

%appdata%\iqiyi video\lstyle
%sysdrive%\adwcleaner\quarantine\c\users\komputerkomputer\appdata\roaming\iqiyi video\lstyle
%sysdrive%\adwcleaner\quarantine\zmrf6ci6nx
%sysdrive%\windows.old\users\nguyen\appdata\roaming\iqiyi video
%appdata%\iqiyi video
%profile%\dmin\application data\iqiyi video
%sysdrive%\adwcleaner\quarantine\kuutsgcorb
%appdata%\iqiyi video
%appdata%\iqiyi video
%sysdrive%\iqiyi video\lstyle

File Names:

QyUpdate.exe
QyUpdate.exe.vir
QyUpdate_old.exe

Geography:

17.6%
11.8%
11.8%
11.8%
11.8%
5.9%
5.9%
5.9%
5.9%
5.9%
5.9%

OS Version:

Windows 7 55.6%
Windows 10 27.8%
Windows 8.1 11.1%
Windows XP 5.6%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00013a05

PE Sections:

Name Size of data MD5
.text 165888 d344346770edf68ed8eb33f2dbc06975
.rdata 34304 d650f9b869e77524e036840460cdebcf
.data 6144 00dd07132e9d1efd3ebad1150d6861e9
.rsrc 89600 a2d61bdf5f5059f58cf470ae9e48b042
.reloc 12288 9ac4216db61fc67b1048b7a830dc2576

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for QyUpdate.exe.vir
copyright for information about QyUpdate.exe.vir