How to remove A0017796.exe
- File Details
- Overview
- Analysis
A0017796.exe
The module A0017796.exe has been detected as PUP.Tencent
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
03958950f8b1779e8ad1cd7a1d62a309 |
| Size: |
1 MB |
| First Published: |
2017-05-25 09:04:52 (7 years ago) |
| Latest Published: |
2018-06-05 12:04:12 (6 years ago) |
| Status: |
PUP.Tencent (on last analysis) |
|
| Analysis Date: |
2018-06-05 12:04:12 (6 years ago) |
Overview
| %programfiles%\formatfactory\ffmodules\package |
| %programfiles%\freetime\formatfactory\ffmodules\package |
| %sysdrive%\system volume information\_restore{0a66d4aa-bcdf-416f-b650-275a5cadaef5}\rp13 |
| %profile%\downloads\格式工廠\app\formatfactory\ffmodules\package |
| %desktop%\文件\轉檔\格式工廠 format factory 3.2.0.1 影音轉檔無障礙的優質軟體 - 免安裝\format factory 3.2.0.1\format factory 3.2.0.1\ffmodules\package |
| %programfiles%\internet explorer\freetime\formatfactory\ffmodules\package |
| %programfiles%\freetime\formatfactory\ffmodules |
| %programfiles%\formatfactory\ffmodules |
| %sysdrive%\system volume information\_restore{e6ed3db5-11e0-4d72-854a-92cd8a42dba6} |
| %profile%\downloads\格式工廠\app\formatfactory\ffmodules |
| QQPCDownload62458.exe |
| A0017796.exe |
| A0049356.exe |
|
49.6% |
|
|
9.6% |
|
|
4.0% |
|
|
4.0% |
|
|
4.0% |
|
|
3.2% |
|
|
3.2% |
|
|
3.2% |
|
|
3.2% |
|
|
1.6% |
|
|
1.6% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
| Windows 7 |
54.4% |
|
| Windows 10 |
33.6% |
|
| Windows 8.1 |
8.0% |
|
| Windows XP |
4.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000123df |
| Name |
Size of data |
MD5 |
| .text |
72192 |
3c72b06e02f4afbad83d6aa896575140 |
| .rdata |
13824 |
62fb898719481a603059fc42554f80ef |
| .data |
2048 |
4cb364a72e7c9869ec05686d3fe4aabe |
| .rsrc |
296448 |
9948c6a6687d1dfe4a82901b0f95805b |
