How to remove $RQPO9PY.sys
- File Details
- Overview
- Analysis
$RQPO9PY.sys
The module $RQPO9PY.sys has been detected as Adware.Vitruvian
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
e5a9a83191229ee645dbac3ec208a900 |
| Size: |
38 KB |
| First Published: |
2017-07-04 02:10:27 (7 years ago) |
| Latest Published: |
2020-07-29 12:32:04 (4 years ago) |
| Status: |
Adware.Vitruvian (on last analysis) |
|
| Analysis Date: |
2020-07-29 12:32:04 (4 years ago) |
Overview
| %programfiles%\othersearch |
| %sysdrive%\adwcleaner\quarantine\files\nlhzauzoizctzfjgwamxnfkiaybjhvgg |
| %system%\drivers |
| %sysdrive%\adwcleaner\quarantine\files\vollrdhmkhdqhmzxhferhmkfxaosmllx |
| %system% |
| %programfiles% |
| %sysdrive%\$recycle.bin |
| %sysdrive%\backupservidor\program files |
| %sysdrive%\adwcleaner\quarantine\files |
| %programfiles% |
|
23.1% |
|
|
23.1% |
|
|
11.5% |
|
|
11.5% |
|
|
11.5% |
|
|
3.8% |
|
|
3.8% |
|
|
3.8% |
|
|
3.8% |
|
|
3.8% |
|
| Windows 10 |
69.2% |
|
| Windows 8.1 |
15.4% |
|
| Windows 7 |
15.4% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00005f88 |
| Name |
Size of data |
MD5 |
| .text |
20992 |
5e3d47d1a17fe1de477a6230f2a70bf5 |
| .rdata |
2560 |
96bb7e775ef8d64250734069ab5ce829 |
| .data |
512 |
b2c257cc307db85ecb92390a1bcb094e |
| INIT |
2560 |
4e90a4aa02bf6dbdb8aa502ac597af00 |
| .rsrc |
1024 |
38c99ec48b3da9a314947fccfef2cfe0 |
| .reloc |
2048 |
2734c3777d63bef8375b6bca82ef81be |
