How to remove kprocesshacker.sys

kprocesshacker.sys

The module kprocesshacker.sys has been detected as Hack.ProcessHacker

kprocesshacker.sys
Remove kprocesshacker.sys

File Details

Product Name:

KProcessHacker
Company Name:

wj32
MD5: 963f148316e193b2ae68c6cbf5f7b09a
Size: 44 KB
First Published: 2019-03-09 15:12:44 (5 years ago)
Latest Published: 2022-05-08 23:30:33 (2 years ago)
Status: Hack.ProcessHacker (on last analysis)
Analysis Date: 2022-05-08 23:30:33 (2 years ago)

Overview

Signed By: Wen Jia Liu
Status: Valid

Common Places:

%profile%\downloads\processhacker-build-bin
%desktop%
%desktop%
%profile%\downloads\processhacker-build-bin
%profile%\downloads\processhacker-build-bin
%desktop%
%sysdrive%\программы\утилиты\process hacker\process_hacker_v3.0_rus\process_hacker_v3.0_rus
%sysdrive%\программы\утилиты\process hacker\process_hacker_v3.0_rus\process_hacker_v3.0_rus
%profile%\downloads\processhacker-build-bin
%sysdrive%\99 개별 및 개인 자료\0 the 나눔플러스 네트워크마켓팅정보\proceshacker2-source-analysis-master.zip\proceshacker2-source-analysis-master\kprocesshacker\bin-signed

Geography:

52.1%
8.2%
8.2%
6.8%
4.1%
4.1%
2.7%
2.7%
2.7%
2.7%
1.4%
1.4%
1.4%
1.4%

OS Version:

Windows 8.1 44.9%
Windows 10 34.8%
Windows 7 20.3%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x00009064

PE Sections:

Name Size of data MD5
.text 4096 e396af7e33c6deede895b7929275a910
.rdata 2560 405a547115c97c61dfa81830ee5c265c
.data 512 7317536adabcbb03e62558da080699bb
.pdata 1024 bf383876660891a58587b026abb5957f
PAGE 14336 e75a55a93c605466c67c10f56ba37c14
INIT 3072 d74f6efce0190a27390cf236c50f4a42
.rsrc 1024 028f1d1a13fb2bb6a6f89aa8fd839959

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for kprocesshacker.sys
copyright for information about kprocesshacker.sys