How to remove htwebHelper.dll.tmp4e732

» File
File Details
Overview
Analysis

htwebHelper.dll.tmp4e732

The module htwebHelper.dll.tmp4e732 has been detected as Adware.Agent

File Details

Main Info:

Product Name:	HT1H
Company Name:	上海子丑六合网络科技有限公司
MD5:	c1d2d64eeee7a1e4fe3e61affd0c8ad7
Size:	221 KB
First Published:	2017-07-05 13:09:41 (7 years ago)
Latest Published:	2019-05-25 19:21:02 (5 years ago)

Analysis:

Status:	Adware.Agent (on last analysis)
Analysis Date:	2019-05-25 19:21:02 (5 years ago)

Overview

Digital Signature

Signed By:	Shanghai Zichou Liuhe Network Technology Co., Ltd.
Status:	Valid

Common Places:

%temp%\htyh

%localappdata%\htyh\application

%sysdrive%\temp\htyh

%sysdrive%\$recycle.bin\s-1-5-21-3424344575-853625843-1821839583-1001\$r4nidoq\application

%sysdrive%\windows.old\users\toshiba\appdata\local\temp\htyh

%temp%

%localappdata%\htyh

%sysdrive%\windows.old\users\ponyv_000\appdata\local\temp

%localappdata%\htyh

File Names:

htwebHelper.dll

htwebHelper.dll.tmp4e732

Geography:

Vietnam	25.9%
Indonesia	25.6%
Taiwan	8.2%
Turkey	5.8%
Iran	3.7%
Thailand	3.6%
South Korea	2.4%
Poland	2.1%
Hong Kong	1.6%
Brazil	1.3%
Italy	1.3%
Russia	1.2%
Ukraine	1.2%
Czech Republic	1.0%
Serbia	0.9%
Colombia	0.8%
Hungary	0.8%
Bulgaria	0.7%
Spain	0.7%
Israel	0.6%
Bosnia and Herzegovina	0.6%
Egypt	0.6%
Slovakia	0.5%
United States	0.5%
China	0.5%
Sweden	0.4%
Saudi Arabia	0.4%
Argentina	0.4%
India	0.3%
Malaysia	0.3%
Greece	0.3%
Netherlands	0.3%
France	0.3%
Romania	0.3%
Iraq	0.3%
Singapore	0.3%
Belarus	0.3%
Jordan	0.2%
United Kingdom	0.2%
Ethiopia	0.2%
Australia	0.2%
Chile	0.2%
Belgium	0.2%
Moldova	0.2%
Pakistan	0.2%
Mexico	0.2%
Algeria	0.2%
Kazakhstan	0.2%
Palestine	0.2%
Morocco	0.2%
Tanzania	0.2%
Mongolia	0.1%
Philippines	0.1%
Germany	0.1%
South Africa	0.1%
Nicaragua	0.1%
Armenia	0.1%
Dominican Republic	0.1%
Malta	0.1%
Lithuania	0.1%
Bangladesh	0.1%
Croatia	0.1%

OS Version:

Windows 7	55.0%
Windows 10	34.4%
Windows 8.1	9.1%
Windows 8	1.4%
Windows Vista	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x10000000
Entry Address:	0x0001cfd5

PE Sections:

Name	Size of data	MD5
.text	141312	ca61f5995d292762a5986884e2415b19
.rdata	39936	502e909f067f3c480d1428382b087be8
.data	5120	4d6ce1aa229c9d32673d4cddeff342f5
_ubaihe_	512	bf619eac0cdf3f68d496ea9344137e8b
.rsrc	4096	5961c37bc21e5b1993dc6417e5e228ee
.reloc	15360	f1831b1e6d8513d1712bec332185fd8f

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for htwebHelper.dll.tmp4e732

copyright for information about htwebHelper.dll.tmp4e732

How to remove htwebHelper.dll.tmp4e732

htwebHelper.dll.tmp4e732

The module htwebHelper.dll.tmp4e732 has been detected as Adware.Agent

File Details

Main Info:

HT1H

上海子丑六合网络科技有限公司

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: