How to remove adfw.dll

» File
File Details
Overview
Analysis

adfw.dll

The module adfw.dll has been detected as Trojan.ShadowBrokers

adfw.dll

Remove adfw.dll

File Details

Main Info:

MD5:	770d0caa24d964ea7c04ff5daf290f08
Size:	11 KB
First Published:	2017-07-18 23:06:44 (6 years ago)
Latest Published:	2024-03-23 23:02:38 (2 months ago)

Analysis:

Status:	Trojan.ShadowBrokers (on last analysis)
Analysis Date:	2024-03-23 23:02:38 (2 months ago)

Common Places:

%appdata%\ltdltd61\ea

%appdata%\notifynotify82\ea

%system%\mfen.exe

%windir%\setup\fou

%commonappdata%\rundll

%windir%\system32

%commonappdata%\svhost

%temp%\5\rarsfx1

%sysdrive%\$recycle.bin\s-1-5-21-2570348591-2767011175-3200952900-1016\$ro0c72t.rar\445\run\specials

%temp%\5\rarsfx3

Geography:

	39.0%
	12.6%
	9.1%
	8.3%
	3.7%
	3.7%
	2.7%
	2.5%
	1.8%
	1.6%
	1.4%
	1.3%
	0.9%
	0.9%
	0.7%
	0.7%
	0.7%
	0.6%
	0.6%
	0.5%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	85.9%
Windows 10	8.9%
Windows Server 2008 R2	2.6%
Windows 8.1	1.1%
Windows XP	0.8%
Windows Server 2012 R2	0.3%
Windows Vista	0.3%
Windows Web Server 2008 R2	0.1%
Windows Server 2003	0.1%
Windows 8	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x10000000
Entry Address:	0x00002264

PE Sections:

Name	Size of data	MD5
.text	5632	6b24c6b5aa30d8e91f981bc623328417
.rdata	3584	99bff1e24dd72000a98c3124e314814c
.data	512	f5b5fca852b032db4ac60f963b14da2c
.reloc	512	73b5e20a0799888d95bb6058f8bc9508

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for adfw.dll

copyright for information about adfw.dll