How to remove observer_x64_helper.exe

observer_x64_helper.exe

The module observer_x64_helper.exe has been detected as PUP.ChinAd

observer_x64_helper.exe
Remove observer_x64_helper.

File Details

Company Name:

鲁大师
MD5: 2674c027022598f21dd8ff239d8aca9a
Size: 721 KB
First Published: 2024-11-05 23:01:43 (a year ago)
Latest Published: 2024-11-05 23:01:43 (a year ago)
Status: PUP.ChinAd (on last analysis)
Analysis Date: 2024-11-05 23:01:43 (a year ago)

Overview

Signed By: Chengdu Qilu Technology Co. Ltd.
Status: Valid

Common Places:

%programfiles%\ludashi\superapp

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00021ff8

PE Sections:

Name Size of data MD5
.text 477696 6cf27e52f2d3d218dbeb692c5a29c70f
.rdata 162816 da36a7c77a9376270160d78ac22a8c14
.data 52736 2f5c8b5c63e23ecfb4b9c3e25c0b2dee
.pdata 20992 3a704a281516165c81cf63d5c588ade4
.gxfg 10240 5e91324c214ddcf4b758bdbcd0eef923
.gehcont 512 bc889906fa4ce9aa7355c650cfca96ce
.rsrc 1536 2247dab43742b234a6501e788b506c3b
.reloc 4608 8aa43ded4216114c14352551940fc55d

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for observer_x64_helper.exe
copyright for information about observer_x64_helper.exe