How to remove ComboFix.exe

» File
File Details
Overview
Analysis

ComboFix.exe

The module ComboFix.exe has been detected as Trojan.Amadey

ComboFix.exe

Remove ComboFix.exe

File Details

Main Info:

Product Name:	ComboFix
Company Name:	Swearware
MD5:	ded527d4ab54cff89c841dbcd4c49300
Size:	4 MB
First Published:	2017-05-29 23:09:12 (8 years ago)
Latest Published:	2024-03-30 23:01:21 (2 years ago)

Analysis:

Status:	Trojan.Amadey (on last analysis)
Analysis Date:	2024-03-30 23:01:21 (2 years ago)

Common Places:

%localappdata%\temp

%profile%\downloads\hirens.bootcd.15.2\hiren's.bootcd.15.2\hbcd\programs

%profile%\downloads\cd\hbcd\programs

%temp%

%sysdrive%\hbcd

%sysdrive%\$recycle.bin\s-1-5-21-811412674-2275203140-2909279099-1001\$r9fqwdr\hbcd

%temp%

File Names:

explorer.exe

ComboFix.exe

Geography:

	18.5%
	12.3%
	10.8%
	9.2%
	9.2%
	6.2%
	4.6%
	4.6%
	4.6%
	4.6%
	3.1%
	3.1%
	3.1%
	1.5%
	1.5%
	1.5%
	1.5%

OS Version:

Windows 10	54.4%
Windows 8.1	17.6%
Windows 8	16.2%
Windows 7	11.8%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000313c0

PE Sections:

Name	Size of data	MD5
UPX0	0	00000000000000000000000000000000
UPX1	17920	f07f222b8a4e1f949b32606c7b1f9f43
.rsrc	7168	9fa9ac7883de51b14331340800bf1320

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for ComboFix.exe

copyright for information about ComboFix.exe