How to remove TesSafe.sys

» File
File Details
Overview
Analysis

TesSafe.sys

The module TesSafe.sys has been detected as PUP.Tencent

TesSafe.sys

Remove TesSafe.sys

File Details

Main Info:

Product Name:	Loader64
Company Name:	TENCENT
MD5:	c163da99031a953ab160575e9d259aed
Size:	997 KB
First Published:	2017-05-21 04:03:38 (6 years ago)
Latest Published:	2019-04-16 08:50:33 (5 years ago)

Analysis:

Status:	PUP.Tencent (on last analysis)
Analysis Date:	2019-04-16 08:50:33 (5 years ago)

Overview

Digital Signature

Signed By:	Tencent Technology(Shenzhen) Company Limited
Status:	Valid

Common Places:

%windir%\system32

%system%

%system%

%system%

File Names:

TesSafe.sys

tessafe.sys

Geography:

	38.3%
	19.9%
	19.1%
	3.5%
	3.5%
	2.1%
	1.4%
	1.4%
	1.4%
	1.4%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%

OS Version:

Windows 7	82.3%
Windows 8.1	9.2%
Windows 10	5.0%
Windows 8	3.5%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x001de1e8

PE Sections:

Name	Size of data	MD5
.text	0	00000000000000000000000000000000
.rdata	0	00000000000000000000000000000000
.data	0	00000000000000000000000000000000
.pdata	0	00000000000000000000000000000000
INIT	0	00000000000000000000000000000000
.rsrc	1536	e583e79466c11ef6ab70a0e4a62c9eef
.vmp0	0	00000000000000000000000000000000
.vmp1	0	00000000000000000000000000000000
.vmp2	986624	6e435b7884b08443bac919819fb9a709
.reloc	512	10078257a144d7321e98633b37843ca5

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for TesSafe.sys

copyright for information about TesSafe.sys