How to remove helputility.exe
- File Details
- Overview
- Analysis
helputility.exe
The module helputility.exe has been detected as PUP.Baidu
File Details
| Product Name: |
|
| MD5: |
c4e36e197883a73d82556fedaa2be6b4 |
| Size: |
124 KB |
| First Published: |
2017-06-01 02:15:55 (6 years ago) |
| Latest Published: |
2019-09-28 11:42:06 (4 years ago) |
| Status: |
PUP.Baidu (on last analysis) |
|
| Analysis Date: |
2019-09-28 11:42:06 (4 years ago) |
Overview
| %sysdrive%\$recycle.bin\s-1-5-21-2919837739-2587390054-3968611417-1001\$r3xubo9\baiduyunguanjia\autoupdate\download\mainapp\fullpackage_5410.cab |
| %sysdrive%\windows.old\users\user\appdata\roaming\baidu\baiduyunguanjia\autoupdate\download\mainapp\fullpackage_5410.cab |
| %sysdrive%\windows.old.000\users\administrator\appdata\roaming\baidu |
| %appdata%\baidu |
| %sysdrive%\baidu\baiduyunguanjia\autoupdate\download\mainapp |
| %sysdrive%\baiduyunguanjia\autoupdate\download\mainapp |
| %appdata%\baidu |
| HelpUtility.exe |
| helputility.exe |
|
53.3% |
|
|
13.3% |
|
|
13.3% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
| Windows 10 |
46.7% |
|
| Windows 7 |
40.0% |
|
| Windows 8.1 |
13.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0000f4e5 |
| Name |
Size of data |
MD5 |
| .text |
66560 |
b2a18ac2ab5837e99ede6aac270a0c0c |
| .rdata |
20480 |
de5cc62b49b12f73985368a1cfb8066c |
| .data |
2048 |
ad932ef69c25b5af2d85896bceb4bd89 |
| .rsrc |
23552 |
ab7dd8bb9dec92d2f0437892a568477b |
| .reloc |
5120 |
ec755a6435022d6d7464afc4aaa2d75c |
