How to remove fqwdq.com
fqwdq.com
The module fqwdq.com has been detected as Hijack.Explorer

File Details
MD5: | 36fd5e09c417c767a952b4609d73a54b |
Size: | 40 KB |
First Published: | 2017-07-11 07:05:01 (8 years ago) |
Latest Published: | 2024-10-22 23:00:53 (9 months ago) |
Status: | Hijack.Explorer (on last analysis) | |
Analysis Date: | 2024-10-22 23:00:53 (9 months ago) |
Common Places:
%sysdrive%\windows |
%windir% |
%profile% |
%sysdrive%\$recycle.bin\s-1-5-21-1543148478-3070291033-727663389-1000\$r5e9n1m\admin\defaultbox\drive\c |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
File Names:
svchost.com |
fqwdq.com |
qwdqsq.com |
fqdfw.com |
cwadwa.com |
trzC1BB.tmp |
svchost.com.quarantined |
svchost(39).com |
Geography:
22.0% | ||
10.1% | ||
8.4% | ||
7.2% | ||
6.1% | ||
5.8% | ||
3.2% | ||
2.6% | ||
2.3% | ||
2.3% | ||
2.3% | ||
2.0% | ||
2.0% | ||
2.0% | ||
1.7% | ||
1.4% | ||
1.4% | ||
1.2% | ||
1.2% | ||
1.2% | ||
1.2% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% |
OS Version:
Windows 7 | 55.4% | |
Windows 10 | 36.5% | |
Windows Server 2008 R2 | 2.6% | |
Windows Server 2012 R2 | 2.6% | |
Windows 8.1 | 1.4% | |
Windows XP | 0.9% | |
Windows Server 2016 | 0.6% |
Analysis
Subsystem: | Windows GUI |
PE Type: | pe |
OS Bitness: | 32 |
Image Base: | 0x00400000 |
Entry Address: | 0x000080e4 |
PE Sections:
Name | Size of data | MD5 |
CODE | 29696 | ca3464d4f08c9010e7ffa2fe3e890344 |
DATA | 1024 | 7ffc3168a7f3103634abdf3a768ed128 |
BSS | 0 | 00000000000000000000000000000000 |
.idata | 2560 | 6e7a45521bfca94f1e506361f70e7261 |
.tls | 0 | 00000000000000000000000000000000 |
.rdata | 512 | 7e6c0f4f4435abc870eb550d5072bad6 |
.reloc | 1536 | 16968c66d220638496d6b095f21de777 |
.rsrc | 5120 | 0bda792e1a4385a8c5dce49ce9bdec9e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for fqwdq.com
