How to remove QQSysMonX64_ev.sys
- File Details
- Overview
- Analysis
QQSysMonX64_ev.sys
The module QQSysMonX64_ev.sys has been detected as PUP.Tencent
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
b97185bbc617a04e413fc0978892a5d4 |
| Size: |
165 KB |
| First Published: |
2017-07-27 10:17:33 (7 years ago) |
| Latest Published: |
2017-10-16 08:12:42 (7 years ago) |
| Status: |
PUP.Tencent (on last analysis) |
|
| Analysis Date: |
2017-10-16 08:12:42 (7 years ago) |
Overview
| %programfiles%\tencent\qqpcmgr\12.7.18987.204 |
| %programfiles%\tencent\qqpcmgr\12.8.19044.206 |
| %programfiles%\tencent\qqpcmgr\12.7.18988.205\filegroupupdate\sectionsbackup\9924 |
| %programfiles%\qqpcmgr\12.7.18988.205\filegroupupdate\sectionsbackup\9924 |
| %programfiles%\tencent\qqpcmgr\12.7.18987.204\filegroupupdate\sectionsbackup\9924 |
| QQSysMonX64_EV.sys |
| QQSysMonX64_ev.sys |
| QQSysMonX64_ev.sys.bak_ |
| Windows 10 |
66.7% |
|
| Windows 7 |
33.3% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000010000 |
| Entry Address: |
0x0002c3c8 |
| Name |
Size of data |
MD5 |
| .text |
120832 |
3de21f65952d69e7d76f3700d70d8d52 |
| .rdata |
9728 |
297a5d04327531953178d8187d80e072 |
| .data |
7168 |
0694ff2bf41508533f1301fc010ed544 |
| .pdata |
4096 |
60374dbab1206c6ca779a12814116db7 |
| PAGE |
1024 |
bc4f13d68b162b12e849bd8cff895387 |
| INIT |
6656 |
74c998942383b513e5cd55fc63012904 |
| .rsrc |
1024 |
541572c36b4f3677e24f2b7d9d17a090 |
| .reloc |
1024 |
819609538041d034a077096f125c828d |
