How to remove balloon.sys

balloon.sys

The module balloon.sys has been detected as PUP.Tencent

balloon.sys
Remove balloon.sys

File Details

Product Name:

Red Hat VirtIO Balloon controller
Company Name:

Red Hat, Inc.
MD5: 62415cfdfe588a50f7b4137640fdebec
Size: 55 KB
First Published: 2018-03-15 04:11:07 (7 years ago)
Latest Published: 2018-04-25 08:08:00 (6 years ago)
Status: PUP.Tencent (on last analysis)
Analysis Date: 2018-04-25 08:08:00 (6 years ago)

Overview

Signed By: Tencent Technology(Shenzhen) Company Limited
Status: Valid

Common Places:

%system%
%system%\driverstore\filerepository

Geography:

100.0%

OS Version:

Windows Server 2016 100.0%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00002910

PE Sections:

Name Size of data MD5
.text 22528 1093969070092499dd9fad5e4c7d63ba
.rdata 4096 9ec9c085e30dcd96f301347d422fffa5
.data 512 821a0eca73595f501176323253875719
.pdata 2048 eee09b0560d788c1650c1e9b7a83f3d0
.gfids 512 64d1f04ee674327483852f238bb2c4a5
PAGE 4096 627408afcd389710e77e166a6cedffdb
INIT 2048 4dcd78e22f4a8fb1b6a032e799d18bf2
.rsrc 1536 0596eb07caee2875eccdd3df44996d66
.reloc 512 629cf7adbbbb32f639a6af9298890f8c

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for balloon.sys
copyright for information about balloon.sys