Qyule

Description: Adware
Risk Level: Low
Date of First Occurence: Wednesday, April 30, 2008
Software Developer: (unknown)
Brief Info: Adware Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
Removal: This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "Qyule"

Threat Info

View All

Detected Items

  1. Detected Files: %SYSDIR%\qylrmplayer.ocx MD5: 8FA7E180E0880E4CE4D1B41A3A1C05D5 Size:327680 %PROGRAMFILES%\Qyule\dvfilter.ax MD5: 24AEEBCCF1C7D0F19F7A7BA79D93D98F Size:122880 %PROGRAMFILES%\Qyule\QyulePlayer.ocx MD5: 35ACBDC4AED32963298CA321017AD1F6 Size:651264 %SYSDIR%\qylprotocol.dll MD5: EFEBFBA2E380E5F3C3779000ADD48DE3 Size:31744 MD5: C0F4A21086A3D724B5CAB3775AF7A10F Size:31744 %PROGRAMFILES%\Qyule\Qyule.exe MD5: E66FCE00124B7C5B33985DAA72F71942 Size:10699264 MD5: B99EAB4E481B587B80172575E4B1E5DD Size:10715648 MD5: 8FAF17E52D5BDAB417996DA20AC10A4F Size:10683392 MD5: E040D3440301443640E59B53BB313A3C Size:765952 MD5: 2CADEA237DB356FF3CED0F712754FCE7 Size:1300992 %PROGRAMFILES%\QYULE\QYULE.EXE MD5: 596DAAD1D0FC2946ADA80BD07563D87B Size:10711552 %PROGRAMFILES%\Qyule\UPDATE\setup.exe MD5: 5EE7A07A2B35055A55008FEA485F9AC4 Size:1149440 %PROGRAMFILES%\Qyule\BugReport.exe MD5: F9749F6FF7A3E68A4EFA85739823F8BD Size:64512
  2. Detected Files with variable Filenames: MD5: 59501E7B0ECD7E60B4B2380D3106B299 Size: 64512 %PROGRAMFILES%\Qyule\BugReport.exe %PROGRAMFILES%\Qyule\bugreport.exe.ren MD5: A830B9787934301D5A51756C157A1FF4 Size: 73771 %PROGRAMFILES%\Qyule\unins000.exe %PROGRAMFILES%\Qyule\unins000.exe.ren

Detecting items list:

  1. Files by Name %PROGRAMFILES%\Qyule\BugReport.exe %PROGRAMFILES%\Qyule\dvfilter.ax %PROGRAMFILES%\Qyule\Qyule.exe %PROGRAMFILES%\Qyule\QyulePlayer.ocx %PROGRAMFILES%\Qyule\SmartUpdater.exe %PROGRAMFILES%\Qyule\unins000.exe %DESKTOP%\àÀ.lnk %START_PROGRAMSALL%\àÀ\àÀ.lnk %START_PROGRAMSALL%\àÀ\ Ø àÀ.lnk %START_PROGRAMSALL%\àÀ\Readme.txt.lnk %SYSDIR%\qylprotocol.dll %SYSDIR%\qylrmplayer.ocx
  2. Files by Directories %PROGRAMFILES%\Qyule %START_PROGRAMSALL%\àÀ
  3. Files by CLSID or Name CLSID=2236FAB7-7BDD-4187-831B-C7D809CA2E24 CLSID=23498A55-5158-4389-8FE0-9DC058A93E15 CLSID=53AE3F49-4985-4245-9AFE-2D3A14DCF7CD CLSID=81B5C8FE-07BD-4020-B299-79C0BE1A3946 CLSID=C79BF22F-25C4-4D3D-8183-14149EAB9C0C CLSID=E70FE57A-19AA-4A4C-B39A-408D49D73851 CLSID=EB86A239-96D9-4F34-BCCD-E1E13D09577B CLSID=EC987C58-81A2-4d2c-993D-D0E1945D7E7C CLSID=F349A88E-33CF-46E7-8091-6EF28491168D
  4. Registry Keys HKCR\QYULE.RMPLAYER HKCR\QYULE.WMPLAYER.9 HKCR\QYULEPLAYER.QyulePlayerCtrl.1 HKCU\Software\Qyule HKCU\Software\SmartClient\qyule HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\àÀ_is1
  5. Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=ClientQyule HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=ClientQyule

« Go to Software Database