How to remove DRWUI.exe
DRWUI.exe
The module DRWUI.exe has been detected as General Threat
File Details
| Product Name: | EaseUS Data Recovery Wizard |
| Company Name: | CHENGDU YIWO Tech Development Co., Ltd |
| MD5: | 96c661b8c7421f217f340d3a3c47b877 |
| Size: | 12 MB |
| First Published: | 2020-11-08 22:03:58 (4 years ago) |
| Latest Published: | 2023-06-11 23:20:59 (2 years ago) |
| Status: | General Threat (on last analysis) | |
| Analysis Date: | 2023-06-11 23:20:59 (2 years ago) |
Common Places:
| %profile%\downloads\programs\easeus data recovery wizard professional 13.6 (x64)\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %programfiles%\easeus |
| %profile%\downloads\easeus data recovery wizard professional 13.6 (x64) multilingual.crack |
| %desktop%\easeus.data.recovery.wizard.pro.13.6.portable\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %mydoc%\easeus data recovery wizard professional 13.6 (x64)\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %profile%\downloads\x-136edrwpx64 (1)\easeus data recovery wizard professional 13.6 (x64)\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %profile%\downloads\x-136edrwpx64\easeus data recovery wizard professional 13.6 (x64)\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %profile%\downloads\programs\partition wizards\[ftuapps.com] - easeus data recovery wizard v13.6 professional (x64) portable\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
| %sysdrive%\filehistory\akanayo tv\desktop-rev20n8\data\$of |
| %sysdrive%\stažene\easeus.data.recovery.wizard.pro.13.6.portable\easeus.data.recovery.wizard.pro.13.6.portable\data\easeus data recovery wizard\local\modified\@programfiles@\easeus |
Geography:
| 18.2% | ||
| 18.2% | ||
| 9.1% | ||
| 9.1% | ||
| 9.1% | ||
| 9.1% | ||
| 9.1% | ||
| 9.1% | ||
| 9.1% |
OS Version:
| Windows 10 | 90.9% | |
| Windows 8.1 | 9.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x020e00e3 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .rdata | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .data | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .pdata | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .tls | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .vmp0 | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .vmp1 | 12423168 | d908b71433d9f8e47393a3eacf6db0f3 |
| .reloc | 512 | 09307d1a6441bf08cf9a11d6de2c1269 |
| .rsrc | 482304 | fffd474affcf8de0431e88a8367d9479 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for DRWUI.exe
