How to remove TAOKernelEx_ev.sys
- File Details
- Overview
- Analysis
TAOKernelEx_ev.sys
The module TAOKernelEx_ev.sys has been detected as PUP.Tencent
File Details
| Company Name: |
|
| MD5: |
3e4c7bfa8da12f0d9120bf28ad62db0a |
| Size: |
75 KB |
| First Published: |
2019-07-02 16:25:48 (6 years ago) |
| Latest Published: |
2022-01-14 21:25:30 (3 years ago) |
| Status: |
PUP.Tencent (on last analysis) |
|
| Analysis Date: |
2022-01-14 21:25:30 (3 years ago) |
Overview
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
| %programfiles%\tencent\qqpcmgr |
|
29.4% |
|
|
23.5% |
|
|
17.6% |
|
|
11.8% |
|
|
5.9% |
|
|
5.9% |
|
|
5.9% |
|
| Windows 10 |
94.4% |
|
| Windows 7 |
5.6% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00005d0c |
| Name |
Size of data |
MD5 |
| .text |
40960 |
f9c29e1de5dceb15bfe9d0ef56c38351 |
| .rdata |
8192 |
26873b8386bbc931a947c804e5b612c7 |
| .data |
1024 |
e8c2d91eea89ceb7fe1a4ba0b8002c49 |
| INIT |
4096 |
da3a96332d5bdea44362802a5f97e28a |
| .rsrc |
1024 |
1096d0f7146f4b3f882ecbbeaea6ede3 |
| .reloc |
3072 |
8203a455156e8c3064be58046106fc38 |
