How to remove qcgued.sys

qcgued.sys

The module qcgued.sys has been detected as General Threat

qcgued.sys
Remove qcgued.sys

File Details

Product Name:

Windows (R) Win 7 DDK driver
Company Name:

Windows (R) Win 7 DDK provider
MD5: fd4de2e78929b8f87508b383726360e7
Size: 1 MB
First Published: 2017-05-24 13:07:19 (7 years ago)
Latest Published: 2019-10-21 12:55:32 (5 years ago)
Status: General Threat (on last analysis)
Analysis Date: 2019-10-21 12:55:32 (5 years ago)

Overview

Signed By: FarStone Technology
Status: Valid

Common Places:

%system%\drivers
%system%
%sysdrive%\wtz2\backup set 2017-10-17 100817\backup files 2018-01-07 140223\backup files 1.zip\c\$windows.~bt\newos\windows\system32
%sysdrive%\wtz2\backup set 2017-10-17 100817\backup files 2017-11-12 081033\backup files 2.zip\c\$windows.~bt\newos\windows\system32
%sysdrive%\wtz2\backup set 2017-10-17 100817\backup files 2017-12-31 175229\backup files 11.zip\c\windows.old\cleanup\0000.~bt\newos\windows\system32
%system%
%system%

File Names:

rtdiftex.sys
qcgued.sys
rtdnfrlx.sys
QSIXES.sys
RTDlseyy.sys
RTDxgpor.sys
RTDswfbg.sys
cdklps.sys
rtdajhsc.sys
RTDisqhh.sys
RTDgzmby.sys
RTDtphar.sys
RTDggqns.sys
rtdemzrw.sys
RTDldpkp.sys
rtdsyotq.sys

Geography:

78.9%
10.6%
4.9%
2.4%
1.6%
0.8%
0.8%

OS Version:

Windows 7 68.3%
Windows 10 31.7%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x0078fea2

PE Sections:

Name Size of data MD5
.text 0 00000000000000000000000000000000
.rdata 0 00000000000000000000000000000000
.data 0 00000000000000000000000000000000
.pdata 0 00000000000000000000000000000000
INIT 0 00000000000000000000000000000000
.upx0 0 00000000000000000000000000000000
.upx1 1846272 866885d842b74a83731cd1ab823ae82c
.reloc 512 bd7dff59e568d3e31543be70c4398bd3
.rsrc 1024 6843f24e44fd348ad7cf9758c1349428

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for qcgued.sys
copyright for information about qcgued.sys