How to remove hqyvotkwgtvccuremthwiwkqsxkyenaw.back

hqyvotkwgtvccuremthwiwkqsxkyenaw.back

The module hqyvotkwgtvccuremthwiwkqsxkyenaw.back has been detected as Adware.Agent

hqyvotkwgtvccuremthwiwkqsxkyenaw.back
MD5: 8b15e2061ee2142cc2536d8799cd478f
Size: 1 MB
First Published: 2017-05-21 06:07:05 (7 years ago)
Latest Published: 2018-10-04 05:10:19 (6 years ago)
Status: Adware.Agent (on last analysis)
Analysis Date: 2018-10-04 05:10:19 (6 years ago)
%sysdrive%\programdata
%temp%\00005297
%temp%\00015257
%temp%\00031941
%temp%\31198
%temp%\00010229
%temp%\00008539
%temp%\00011646
%temp%\00029361
%temp%\00025617
service.exe
hqyvotkwgtvccuremthwiwkqsxkyenaw.back
wpwlywvllkwkoesofjvvwuppsbnzrhdz.back
oelmlnrisnmwegqhwvjsmbdqfedsvxgz.back
SERVICE.EXE
inczsxztupihvgjkqyffwcwgspqewydn.back
36.8%
15.5%
7.3%
6.9%
5.7%
5.1%
4.0%
3.1%
1.6%
1.5%
1.3%
0.8%
0.8%
0.7%
0.6%
0.6%
0.5%
0.5%
0.5%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
Windows 7 71.1%
Windows 10 19.7%
Windows 8.1 6.9%
Windows 8 1.6%
Windows Vista 0.6%
Windows XP 0.1%
Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000b8e77

PE Sections:

Name Size of data MD5
.text 1247744 254037b20ea0822d0ebe3b2b6367dc47
.rdata 272896 bd46dbc88e61f9760a1042ebccc91150
.data 33792 0887e1658b333a4dcc4ed4f2054ba954
.rsrc 1536 d5a58f603e3da553f9f42d9b725d7b10
.reloc 66560 804e033b60100b69badfc22aa8dc9c8e

More information:

Download GridinSoft Anti-Malware - Removal tool for hqyvotkwgtvccuremthwiwkqsxkyenaw.back