How to remove YImage.dll
YImage.dll
The module YImage.dll has been detected as Worm.Ramnit
File Details
| Product Name: | Yahoo! Messenger |
| Company Name: | Yahoo! Inc. |
| MD5: | ab2eab39bcae8ec3699d07678c7dc088 |
| Size: | 368 KB |
| First Published: | 2018-04-15 08:11:28 (6 years ago) |
| Latest Published: | 2018-04-15 08:11:39 (6 years ago) |
| Status: | Worm.Ramnit (on last analysis) | |
| Analysis Date: | 2018-04-15 08:11:39 (6 years ago) |
Common Places:
| %sysdrive%\กู้กู้งาน 240658\root\program files\yahoo! |
| %sysdrive%\งานกู้ 240658\root\program files\yahoo! |
Geography:
| 100.0% |
OS Version:
| Windows XP | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x60c10000 |
| Entry Address: | 0x00033000 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 155648 | c0d7d2c5f2f4baafadeec18f8a4f581c |
| .rdata | 36864 | 8b2dce523cf28c249e107c5f8562f34b |
| .data | 4096 | 925e6de8f09462b071aff52d9894d8c4 |
| .rsrc | 4096 | 2b38a80a98288620c6343ddf740245d6 |
| .reloc | 4096 | 64fa0b06fd5f187b71201e41004512bf |
| .text | 167936 | a3555aa1d1eab5ec494beb583331c24e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for YImage.dll
