How to remove TAOKernelEx64_ev.sys
- File Details
- Overview
- Analysis
TAOKernelEx64_ev.sys
The module TAOKernelEx64_ev.sys has been detected as PUP.Tencent
File Details
| Company Name: |
|
| MD5: |
a41cb8e072acd83236d6c5ef525de2af |
| Size: |
139 KB |
| First Published: |
2017-07-07 12:09:00 (7 years ago) |
| Latest Published: |
2019-10-04 07:05:57 (5 years ago) |
| Status: |
PUP.Tencent (on last analysis) |
|
| Analysis Date: |
2019-10-04 07:05:57 (5 years ago) |
Overview
| %programfiles%\tencent\qqpcmgr\12.6.18917.801 |
| %programfiles%\tencent\qqpcmgr\12.6.18898.217 |
| %system%\drivers |
| %programfiles%\tencent\qqpcmgr\12.7.18987.204 |
| %programfiles%\tencent\qqpcmgr\12.8.19044.206 |
| %programfiles%\tencent\qqpcmgr\12.7.18996.207 |
| %programfiles%\tencent\qqpcmgr\12.8.19060.208 |
| %programfiles%\tencent\qqpcmgr\12.7.18999.208 |
| %programfiles%\tencent\qqpcmgr\12.7.18988.205 |
| %programfiles%\tencent\qqpcmgr\12.8.19066.210 |
|
25.4% |
|
|
21.0% |
|
|
16.6% |
|
|
8.8% |
|
|
5.5% |
|
|
5.0% |
|
|
2.8% |
|
|
2.2% |
|
|
1.7% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
| Windows 10 |
85.1% |
|
| Windows 7 |
8.8% |
|
| Windows Server 2012 R2 |
2.8% |
|
| Windows Server 2008 R2 |
1.7% |
|
| Windows 8.1 |
0.6% |
|
| Windows XP |
0.6% |
|
| Windows 8 |
0.6% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x0000a8b0 |
| Name |
Size of data |
MD5 |
| .text |
98816 |
d6be858245f8590af7a2c3c36feb83b1 |
| .rdata |
6656 |
2ce5351bf8f3982f6e3feb4cb19732be |
| .data |
7680 |
6b0552b98400e78b958200faeb5adaf0 |
| .pdata |
4096 |
dafb959dbad6f0843cd14395c31ab5ca |
| INIT |
5120 |
81e9443ca05a407e2ec3269f2c39ff7d |
| .rsrc |
1536 |
cecf3e9941c671d55ebd7041fadbe024 |
| .reloc |
512 |
b655bb5a2343108627cb0d5fa485f769 |
