How to remove qykernel.exe
- File Details
- Overview
- Analysis
qykernel.exe
The module qykernel.exe has been detected as Hijack.IE
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
fbf7c69f216f43afb81dddc0ca6e331d |
| Size: |
705 KB |
| First Published: |
2017-05-21 08:10:36 (6 years ago) |
| Latest Published: |
2018-09-29 12:09:11 (5 years ago) |
| Status: |
Hijack.IE (on last analysis) |
|
| Analysis Date: |
2018-09-29 12:09:11 (5 years ago) |
Overview
| %programfiles%\iqiyi video\lstyle\5.6.40.4071 |
| %sysdrive%\system volume information\_restore{f14a1c2c-a641-43f9-a293-b0cb265a4677}\rp1244 |
| %programfiles%\ppstream\lstyle\5.6.40.4071 |
| %programfiles%\lstyle\5.6.40.4071 |
| %programfiles%\iqiyi video\lstyle |
| QyKernel.exe |
| qykernel.exe |
| A0428549.exe |
| QyKernel.exe.quarantined |
|
81.5% |
|
|
10.9% |
|
|
5.9% |
|
|
0.8% |
|
|
0.8% |
|
| Windows 10 |
75.6% |
|
| Windows 7 |
21.0% |
|
| Windows 8.1 |
1.7% |
|
| Windows XP |
1.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001d1cf |
| Name |
Size of data |
MD5 |
| .text |
354304 |
ac1a197372e2a96cdfa90bd40d45093c |
| .rdata |
72192 |
f612c428d36135dc6fcffd92ff646265 |
| .data |
11776 |
ab7574b8944531a64a4ea5fd2d4c5ea6 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
240128 |
9e4017804ef178da82987e70be1f576c |
| .reloc |
28672 |
6b6f717e2fa66b8e501268b8f152f42f |
