How to remove qykernel.exe
- File Details
- Overview
- Analysis
qykernel.exe
The module qykernel.exe has been detected as Hijack.IE
File Details
Product Name: |
|
Company Name: |
|
MD5: |
fbf7c69f216f43afb81dddc0ca6e331d |
Size: |
705 KB |
First Published: |
2017-05-21 08:10:36 (7 years ago) |
Latest Published: |
2018-09-29 12:09:11 (6 years ago) |
Status: |
Hijack.IE (on last analysis) |
|
Analysis Date: |
2018-09-29 12:09:11 (6 years ago) |
Overview
%programfiles%\iqiyi video\lstyle\5.6.40.4071 |
%sysdrive%\system volume information\_restore{f14a1c2c-a641-43f9-a293-b0cb265a4677}\rp1244 |
%programfiles%\ppstream\lstyle\5.6.40.4071 |
%programfiles%\lstyle\5.6.40.4071 |
%programfiles%\iqiyi video\lstyle |
QyKernel.exe |
qykernel.exe |
A0428549.exe |
QyKernel.exe.quarantined |
|
81.5% |
|
|
10.9% |
|
|
5.9% |
|
|
0.8% |
|
|
0.8% |
|
Windows 10 |
75.6% |
|
Windows 7 |
21.0% |
|
Windows 8.1 |
1.7% |
|
Windows XP |
1.7% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0001d1cf |
Name |
Size of data |
MD5 |
.text |
354304 |
ac1a197372e2a96cdfa90bd40d45093c |
.rdata |
72192 |
f612c428d36135dc6fcffd92ff646265 |
.data |
11776 |
ab7574b8944531a64a4ea5fd2d4c5ea6 |
.tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
.rsrc |
240128 |
9e4017804ef178da82987e70be1f576c |
.reloc |
28672 |
6b6f717e2fa66b8e501268b8f152f42f |