How to remove QyKernel.exe.vir

QyKernel.exe.vir

The module QyKernel.exe.vir has been detected as PUP.Gen

QyKernel.exe.vir
Remove QyKernel.exe.vir

File Details

Product Name:

HCDN网络数据传输组件
Company Name:

iQIYI.COM
MD5: 089ac78f91e11841d5d4e65719464285
Size: 562 KB
First Published: 2017-05-30 16:08:17 (7 years ago)
Latest Published: 2021-01-10 11:02:53 (4 years ago)
Status: PUP.Gen (on last analysis)
Analysis Date: 2021-01-10 11:02:53 (4 years ago)

Overview

Signed By: BEIJING QIYI CENTURY SCIENCE@amp;TECHNOLOGY CO.,LTD.
Status: Valid

Common Places:

%sysdrive%\iqiyi video\common
%sysdrive%\adwcleaner\quarantine\c\iqiyi video\common
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video
%sysdrive%\iqiyi video

File Names:

QyKernel.exe
QyKernel.exe.vir
qykernel.exe

Geography:

15.8%
15.8%
10.5%
10.5%
5.3%
5.3%
5.3%
5.3%
5.3%
5.3%
5.3%
5.3%
5.3%

OS Version:

Windows 10 42.1%
Windows 7 36.8%
Windows 8.1 21.1%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00019544

PE Sections:

Name Size of data MD5
.text 336384 a88b85d0fb858c6d07a9b915fa608ed6
.rdata 67072 c5c2a24d4df1115cbcb3d352be5c59f2
.data 11264 f697adcd5988fc3ea3513de42e99c0dd
.tls 512 bf619eac0cdf3f68d496ea9344137e8b
.rsrc 128000 a46af83407e01653e454006a1c88eaa9
.reloc 26112 e595124acaa8664f082a52562895e996

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for QyKernel.exe.vir
copyright for information about QyKernel.exe.vir