How to remove Down.exe
Down.exe
The module Down.exe has been detected as Adware.Gen
File Details
| Product Name: | 鲁大师 |
| MD5: | b9d9fde7b77244297f4856cc7a81dba9 |
| Size: | 435 KB |
| First Published: | 2017-05-21 04:02:37 (7 years ago) |
| Latest Published: | 2020-12-06 15:53:24 (3 years ago) |
| Status: | Adware.Gen (on last analysis) | |
| Analysis Date: | 2020-12-06 15:53:24 (3 years ago) |
Overview
| Signed By: | Qihoo 360 Software (Beijing) Company Limited |
| Status: | Valid |
Common Places:
| %programfiles%\ludashi\utils |
| %appdata%\360bizhi\utils |
| %profile%\dministrator\application data\360bizhi\utils |
| %profile%\dministrator\application data\360bizhi |
| %programfiles%\ludashi |
| %appdata%\360bizhi |
| %appdata%\360bizhi\360bizhi |
| %system%\config\systemprofile\appdata\roaming\360bizhi |
| %system%\config\systemprofile\appdata\roaming\360bizhi |
| %appdata%\360bizhi |
Geography:
| 35.7% | ||
| 25.3% | ||
| 13.0% | ||
| 4.5% | ||
| 2.6% | ||
| 1.9% | ||
| 1.3% | ||
| 1.3% | ||
| 1.3% | ||
| 1.3% | ||
| 1.3% | ||
| 1.3% | ||
| 1.3% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% |
OS Version:
| Windows 10 | 58.4% | |
| Windows 7 | 29.9% | |
| Windows 8.1 | 5.2% | |
| Windows XP | 2.6% | |
| Windows Server 2008 R2 | 1.9% | |
| Windows Embedded 8.1 | 0.6% | |
| Windows 8 | 0.6% | |
| Windows Server 2003 | 0.6% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0002f99b |
PE Sections:
| Name | Size of data | MD5 |
| .text | 365056 | a6aa1a2cb62905effd7ecbf83a851894 |
| .rdata | 43008 | 02f02afa4d7d7a7ed464b8ba75242e4a |
| .data | 15872 | cc7f27ae61097ba7fcbbbc76b3d3a348 |
| .rsrc | 2048 | 5c15400bbdb690339221fd933e06b0b7 |
| .reloc | 12288 | d0a53515d1c469d1c6ecab3781d1ae80 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for Down.exe
