How to remove AntiRK_ev.sys

AntiRK_ev.sys

The module AntiRK_ev.sys has been detected as PUP.Tencent

AntiRK_ev.sys
Remove AntiRK_ev.sys

File Details

Product Name:

TAntiRK
Company Name:

Tencent
MD5: c96e0cbe0a433d97e14625e0451491ab
Size: 47 KB
First Published: 2017-05-22 11:22:38 (6 years ago)
Latest Published: 2022-01-14 21:32:35 (2 years ago)
Status: PUP.Tencent (on last analysis)
Analysis Date: 2022-01-14 21:32:35 (2 years ago)

Overview

Signed By: Tencent Technology(Shenzhen) Company Limited
Status: Valid

Common Places:

%programfiles%\tencent\qqpcmgr\12.5.18755.213\filegroupupdate\sectionsbackup\9486
%programfiles%\tencent\qqpcmgr\12.1.18202.223\filegroupupdate\sectionsbackup\9316
%programfiles%\qqpcmgr\12.3.18498.501\filegroupupdate\sectionsbackup\9486
%programfiles%\tencent\qqpcmgr\12.5.18752.211\filegroupupdate\sectionsbackup\9486
%programfiles%\tencent\qqpcmgr\12.3.18483.221\filegroupupdate\sectionsbackup\9486
%programfiles%\tencent\qqpcmgr\12.5.18768.219\filegroupupdate\sectionsbackup\9609
%programfiles%\tencent\qqpcmgr\12.4.18584.206\filegroupupdate\sectionsbackup\9208
%programfiles%\qqpcmgr\12.5.18768.219\filegroupupdate\sectionsbackup\9668
%programfiles%\tencent\qqpcmgr\12.6.18863.209
%programfiles%\tencent\qqpcmgr\12.2.18329.219\filegroupupdate\sectionsbackup\9208

File Names:

AntiRK_ev.sys.bak_
AntiRK_ev.sys
AntiRK_ev.sys.bak_9761

Geography:

30.7%
23.3%
13.9%
6.3%
5.1%
3.4%
2.8%
1.7%
1.4%
1.1%
1.1%
1.1%
0.9%
0.9%
0.9%
0.9%
0.9%
0.6%
0.6%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows 10 67.8%
Windows 7 18.9%
Windows Server 2012 R2 5.6%
Windows Server 2008 R2 3.4%
Windows 8.1 2.3%
Windows 8 1.1%
Windows XP 0.8%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 32
Image Base: 0x00010000
Entry Address: 0x0000683e

PE Sections:

Name Size of data MD5
.text 18944 7426bab0b62ad05d4e8ebdfcceac2ad1
.rdata 1024 2c418d52f6e20dd283a902e294fd9de3
.data 5504 564b81e7d39d0c9bde6a815ffcf201ee
INIT 1792 8f5375de43e0d70436e0c6c70eb3d98e
.rsrc 896 f3ee28b3fb640a9d1199cb5bced78f2a
.reloc 1024 618d246596ff2255ef5493f1e9490ae9

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for AntiRK_ev.sys
copyright for information about AntiRK_ev.sys