How to remove MSVC.exe
MSVC.exe
The module MSVC.exe has been detected as Trojan.Agent
File Details
Product Name: | XMRig |
Company Name: | www.xmrig.com |
MD5: | 099aca520a5479697b25ee9b50744275 |
Size: | 689 KB |
First Published: | 2017-08-09 20:11:12 (6 years ago) |
Latest Published: | 2019-08-04 23:32:03 (4 years ago) |
Status: | Trojan.Agent (on last analysis) | |
Analysis Date: | 2019-08-04 23:32:03 (4 years ago) |
Common Places:
%profile%\suario\datos de programa\xmrig |
%appdata%\msvc |
%appdata%\claymore cryptonote cpu miner v3.5 beta - pool |
%sysdrive%\docume~1\admini~1\locals~1\temp\temporary directory 1 for 61.tmp.zip\claymore cryptonote cpu miner v3.5 beta - pool |
%profile%\dministrator\application data\claymore cryptonote cpu miner v3.5 beta - pool |
%sysdrive%\system volume information\_restore{7c4108fa-01fa-40fa-8222-2736c58856e9}\rp144 |
%profile%\dministrator\local settings\temporary internet files\content.ie5\mgxv2dfg\claymore+cryptonote+cpu+miner+v3.5+beta+-+pool[1].zip\claymore cryptonote cpu miner v3.5 beta - pool |
%sysdrive%\applications |
%profile%\dmin\application data\claymore cryptonote cpu miner v3.5 beta - pool |
%sysdrive%\$recycle.bin\s-1-5-21-3491719837-2551425805-360404-1000 |
File Names:
xmrig.exe |
MSVC.exe |
NsCpuCNMiner32.exe |
A0174280.exe |
websock.exe |
$ROD0GRI.exe |
securedisk.exe |
$ROQVIXP.exe |
A0059383.exe |
Geography:
18.8% | ||
18.1% | ||
8.7% | ||
8.7% | ||
5.1% | ||
4.3% | ||
4.3% | ||
3.6% | ||
2.9% | ||
2.9% | ||
2.2% | ||
1.4% | ||
1.4% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% | ||
0.7% |
OS Version:
Windows 7 | 55.4% | |
Windows XP | 26.6% | |
Windows 10 | 12.2% | |
Windows 8.1 | 3.6% | |
Windows 8 | 1.4% | |
Windows Server 2003 | 0.7% |
Analysis
Subsystem: | Windows CUI |
PE Type: | pe |
OS Bitness: | 32 |
Image Base: | 0x00400000 |
Entry Address: | 0x000014e0 |
PE Sections:
Name | Size of data | MD5 |
.text | 538624 | aed0b07f4bcf168a208dc35de51cfec2 |
.data | 1024 | 36f4d5348a8541c1936b24f534ebf34c |
.rdata | 54272 | 32345a26b74c7ebcd7dc35733ddf1823 |
.eh_fram | 83456 | 873cd5b16e881cead57d4ff7353a79f8 |
.bss | 0 | 00000000000000000000000000000000 |
.idata | 9216 | e360772e418e5e01a2a8348262c04a59 |
.CRT | 512 | fa2d2d6fbdf5f62a9813366753a77499 |
.tls | 512 | b52677a9dd4aee6dc09d020211a79bf1 |
.rsrc | 17360 | 4c778635d8de213f736346a16d42f656 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for MSVC.exe