How to remove PostRebootExecuter.exe%23B76220C349C6CB17
- File Details
- Overview
- Analysis
PostRebootExecuter.exe%23B76220C349C6CB17
The module PostRebootExecuter.exe%23B76220C349C6CB17 has been detected as PUP.Reimage
File Details
| MD5: |
3c8f8fef1b8d84cf6d8d0f6284b38beb |
| Size: |
3 MB |
| First Published: |
2017-05-31 11:11:04 (6 years ago) |
| Latest Published: |
2021-11-07 21:44:01 (2 years ago) |
| Status: |
PUP.Reimage (on last analysis) |
|
| Analysis Date: |
2021-11-07 21:44:01 (2 years ago) |
Overview
| %sysdrive%\reimageundo\postreboot |
| %sysdrive%\adwcleaner\quarantine\files\ebzlnublagrgkhhlmevdoawknacpisvc\postreboot |
| %sysdrive%\adwcleaner\quarantine\files\rdegrrbdcdbungxspkszejdlqhpntjlx\postreboot |
| %sysdrive%\adwcleaner\quarantine\files\pohlmlnglyamedolermpkpatslrsdmdh\postreboot |
| %sysdrive%\adwcleaner\quarantine\files\jykfvojydpyaqbuqpsssvkjisbwjdjwa\postreboot |
| %sysdrive%\adwcleaner\quarantine\fraqbc8wsa\postreboot |
| %sysdrive%\adwcleaner\quarantine\rywtiizs2t\postreboot |
| %sysdrive%\reimageundo |
| %sysdrive%\adwcleaner\quarantine\files\nayxycjiilnjvycauyftxjqiffavbnez |
| %sysdrive%\system volume information\systemrestore\frstaging\reimageundo |
| PostRebootExecuter.exe |
| PostRebootExecuter(28).exe |
| PostRebootExecuter.exe#B76220C349C6CB17 |
|
32.0% |
|
|
11.2% |
|
|
6.8% |
|
|
6.3% |
|
|
3.9% |
|
|
3.4% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.4% |
|
|
2.4% |
|
|
2.4% |
|
|
2.4% |
|
|
2.4% |
|
|
2.4% |
|
|
1.9% |
|
|
1.9% |
|
|
1.5% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
| Windows 10 |
82.7% |
|
| Windows 7 |
12.0% |
|
| Windows 8.1 |
4.8% |
|
| Windows 8 |
0.5% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x001e2334 |
| Name |
Size of data |
MD5 |
| .text |
2203136 |
bd4a26edab5ff30a1c15e84778ed7b34 |
| .rdata |
983552 |
a96f3f6ca234f107f912f9296c47c08a |
| .data |
117248 |
7f960c2ffa59eb385ddcf729f5f579f0 |
| .pdata |
99328 |
3a9be03ec4875f0bcecf3740462dfaaa |
| text |
3072 |
478cd2067909329b8b04fdb41078d650 |
| data |
2048 |
08eb5373e50c14af06e0d9ef791fdcfc |
| .rsrc |
1024 |
c88b8dd0b8a9991518e4a05d81736433 |
| .reloc |
86016 |
efb3f2390f9f2f0bece54d7a781d5683 |
