How to remove GHOEXPLORER.EXE

» File
File Details
Overview
Analysis

GHOEXPLORER.EXE

The module GHOEXPLORER.EXE has been detected as Trojan.Wacatac

Remove GHOEXPLORER.EXE

File Details

Main Info:

Product Name:	Symantec Ghost Explorer
Company Name:	Symantec 公司
MD5:	e0f5e0769b2e6048824bf49507546bb6
Size:	834 KB
First Published:	2017-05-24 17:03:05 (8 years ago)
Latest Published:	2025-04-12 23:02:08 (7 months ago)

Analysis:

Status:	Trojan.Wacatac (on last analysis)
Analysis Date:	2025-04-12 23:02:08 (7 months ago)

Common Places:

%sysdrive%\dosh\ghos

%desktop%\extras\araceli 2015\aguja\xtdq_ghost_win7_x32_2013v1.3\pesoft\ghost

%sysdrive%\$recycle.bin\s-1-5-21-3197703927-3383311672-3849909700-500\$r4zzjth

%sysdrive%\software\os\xp professional sp3_simp_ghost

%sysdrive%\dosh

%profile%\downloads\compressed\deepin_ghost_xpsp3_les_pro_201511

%sysdrive%\documents\downloads\win1064_1702

%sysdrive%\dosh

%sysdrive%\ghost_7_sp1_x64\pesoft

File Names:

GHOSTEXP.EXE

Ghostexp.exe

GHOEXPLORER.EXE

Geography:

	83.5%
	9.3%
	4.1%
	1.0%
	1.0%
	1.0%

OS Version:

Windows 10	83.7%
Windows 7	14.3%
Windows Server 2008 R2	2.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x001e5001

PE Sections:

Name	Size of data	MD5
.text	508416	9e2ce31945dc22f0bf89048b0805edb1
.rdata	86016	c91004c7ee1a7f9bd3279a3fe9b7b75a
.data	11264	5f83a770dc63e147416e4e6008cc5a9e
.rsrc	221184	6619d6b7f3cf2309c9fef47db6c23e62
.aspack	4096	2c758566a7c08cb4677e2e4867d15d53
.adata	0	00000000000000000000000000000000

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for GHOEXPLORER.EXE

copyright for information about GHOEXPLORER.EXE

How to remove GHOEXPLORER.EXE

GHOEXPLORER.EXE

The module GHOEXPLORER.EXE has been detected as Trojan.Wacatac

File Details

Main Info:

Symantec Ghost Explorer

Symantec 公司

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: