How to remove kernelpromote.dll.o
- File Details
- Overview
- Analysis
kernelpromote.dll.o
The module kernelpromote.dll.o has been detected as PUP.Baidu
File Details
Company Name: |
|
MD5: |
5788ae992446f38e24f488c73b987fde |
Size: |
6 MB |
First Published: |
2017-05-21 06:06:56 (7 years ago) |
Latest Published: |
2018-10-11 03:10:01 (6 years ago) |
Status: |
PUP.Baidu (on last analysis) |
|
Analysis Date: |
2018-10-11 03:10:01 (6 years ago) |
Overview
%appdata%\baidu\baidunetdisk |
%appdata%\baidu\baiduyunguanjia |
%sysdrive%\windows.old\users\jojo\appdata\roaming\baidu\baidunetdisk |
%appdata%\baidu |
%sysdrive%\baidu |
%profile%\downloads\downloads\baiduyunguanjiaportable |
kernelpromote.dll |
kernelpromote.dll.o |
|
38.8% |
|
|
29.9% |
|
|
11.9% |
|
|
7.5% |
|
|
3.0% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
Windows 10 |
53.7% |
|
Windows 7 |
38.8% |
|
Windows 8.1 |
6.0% |
|
Windows Server 2008 R2 |
1.5% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x10000000 |
Entry Address: |
0x004b49c5 |
Name |
Size of data |
MD5 |
.text |
5451264 |
0c3095efd0069c3c0e96ee9cb53fc0e2 |
.rdata |
867328 |
a68692d3c9a0227bbe1fdf6d70ba4449 |
.data |
220672 |
2e5e25160f972670e66917ad55cad95e |
.tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
.rsrc |
1536 |
7563c05d7b38aea212b64e23aaa4c935 |
.reloc |
253952 |
a50e3c9bf996be7fa781ff228438274a |