How to remove KZTui.exe
KZTui.exe
The module KZTui.exe has been detected as Adware.Downloader
File Details
| Product Name: | 快压 |
| Company Name: | 上海广乐网络科技有限公司 |
| MD5: | 4771f297e96c931ec048310b8e338828 |
| Size: | 767 KB |
| First Published: | 2017-05-29 17:09:24 (7 years ago) |
| Latest Published: | 2018-10-19 16:05:56 (6 years ago) |
| Status: | Adware.Downloader (on last analysis) | |
| Analysis Date: | 2018-10-19 16:05:56 (6 years ago) |
Overview
| Signed By: | Shanda Games |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %temp%\kz7zdata.7z\x86 |
| %programfiles%\辦揤\x86 |
| %sysdrive%\$recycle.bin\s-1-5-21-690559060-1514961958-2951017018-1000\$r08tw3o\x86 |
| %temp%\kz7zdata.7z |
| %programfiles%\smartcloudinput |
| %programfiles%\辦揤 |
Geography:
| 100.0% |
OS Version:
| Windows 7 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000371c4 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 569856 | d5f9d77479eb09fbff313b080d8fbe04 |
| .rdata | 86528 | fd05261c8bb9e2b6db3f5da8842541f2 |
| .data | 12800 | 9a59bf86cd1cdb8e440d0aaf1ddb97e6 |
| .rsrc | 83968 | a6a9bdcf245f277321f01712f6bf5cfa |
| .reloc | 28160 | 8c90acfe3dc175e966b1bc9a4e6fcc46 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for KZTui.exe
