How to remove $RDZCQBP.sys
- File Details
- Overview
- Analysis
$RDZCQBP.sys
The module $RDZCQBP.sys has been detected as Adware.Vitruvian
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
3528d3d8e463736af976619ca823ee3a |
| Size: |
56 KB |
| First Published: |
2017-06-06 13:13:21 (8 years ago) |
| Latest Published: |
2021-11-15 21:02:50 (4 years ago) |
| Status: |
Adware.Vitruvian (on last analysis) |
|
| Analysis Date: |
2021-11-15 21:02:50 (4 years ago) |
Overview
| %system%\drivers |
| %system% |
| %sysdrive%\$recycle.bin |
| %system% |
| %system% |
| %system% |
| %system% |
| %system% |
| wfdrvr_vw_1_10_0_28.sys |
| $RDZCQBP.sys |
|
34.7% |
|
|
24.5% |
|
|
8.2% |
|
|
4.1% |
|
|
4.1% |
|
|
4.1% |
|
|
4.1% |
|
|
4.1% |
|
|
2.0% |
|
|
2.0% |
|
|
2.0% |
|
|
2.0% |
|
|
2.0% |
|
|
2.0% |
|
| Windows 10 |
87.8% |
|
| Windows 7 |
12.2% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00009bc0 |
| Name |
Size of data |
MD5 |
| .text |
38400 |
1bfe059c064d9b0d9aadfc19087fb38f |
| .rdata |
3584 |
60f293e5933ab4506259d82355387870 |
| .data |
512 |
46379b8ab4e14e93955bb62544c80379 |
| .pdata |
1536 |
566e83c57e1d0dd5942e0d6574113bee |
| INIT |
3584 |
2c4e5af42351a08b1d18767108473c81 |
| .rsrc |
1536 |
942c6017b48cb8b3c00eaeae533c8796 |
| .reloc |
512 |
1281db94b2103c76b1d2e8cd56c299f7 |
