How to remove GuardMailRu.exe.quarantined
- File Details
- Overview
- Analysis
GuardMailRu.exe.quarantined
The module GuardMailRu.exe.quarantined has been detected as PUP.MailRu
File Details
| Product Name: |
|
| MD5: |
fb5f37c4cc75d23b9860e17693b1f59c |
| Size: |
5 MB |
| First Published: |
2017-05-26 17:04:25 (8 years ago) |
| Latest Published: |
2021-01-13 11:31:51 (4 years ago) |
| Status: |
PUP.MailRu (on last analysis) |
|
| Analysis Date: |
2021-01-13 11:31:51 (4 years ago) |
Overview
| %programfiles%\mail.ru\guard |
| %commonappdata%\guard.mail.ru |
| %allusersprofile%\\application data\guard.mail.ru |
| %windir%\temp |
| %profile%\ocalservice\local settings\temporary internet files\content.ie5\d32op8fg |
| %system%\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\qyttdsvm |
| %programfiles%\mail.ru |
| %commonappdata% |
| %system%\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5 |
| %sysdrive%\system volume information\_restore{94120078-57bd-469d-811c-5d09acf9cbf9} |
| GuardMailRu.exe |
| GuardMailRu.exe.quarantined |
| guardmailru.exe |
| GuardMailRu[2].exe |
| 6C75499A93394B4797B9FB628E976093.exe |
| GuardMailRu[1].exe |
| A0007985.exe |
| A0007991.exe |
| BBC911E1D08A4CEBBB1BB8D6612B58FA.exe |
| D0717FC5336243E9BFA7146943085D7E.exe |
| GuardMailRu[3].exe |
| GUARDMAILRU.del |
| E7BC0A6E2F1D49A68B37C4268A2B01F8.exe |
| A0113072.exe |
|
58.0% |
|
|
13.0% |
|
|
6.9% |
|
|
3.6% |
|
|
2.5% |
|
|
1.5% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
| Windows 7 |
70.9% |
|
| Windows 10 |
14.9% |
|
| Windows XP |
7.6% |
|
| Windows 8.1 |
5.0% |
|
| Windows Vista |
0.8% |
|
| Windows 8 |
0.6% |
|
| Windows Embedded 8.1 |
0.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00277019 |
| Name |
Size of data |
MD5 |
| .text |
3931136 |
1feded06c9e0511c6e3b3de82b2f0cea |
| .rdata |
894976 |
b12824762e7e4b934fca4e73b3c293cc |
| .data |
118784 |
cde49dfae74a4fdbc36f55b478635d44 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
80384 |
efa88ac6f206217a99677458009e09f0 |
| .reloc |
216064 |
db5de0c6cace320ba757aab68fe30947 |
