How to remove alternateshell.exe

» File
File Details
Overview
Analysis

alternateshell.exe

The module alternateshell.exe has been detected as Hijack.Explorer

alternateshell.exe

Remove alternateshell.exe

File Details

Main Info:

MD5:	9ec3d89978c9a2ea2a7454d2913d79d2
Size:	95 KB
First Published:	2017-09-06 15:09:00 (6 years ago)
Latest Published:	2024-02-17 23:03:13 (2 months ago)

Analysis:

Status:	Hijack.Explorer (on last analysis)
Analysis Date:	2024-02-17 23:03:13 (2 months ago)

Overview

Digital Signature

Signed By:	JWTS
Status:	Valid

Common Places:

%sysdrive%\programdata

%sysdrive%\wsession

%profile%

%commonappdata%

%sysdrive%

%commonappdata%

%commonappdata%

%commonappdata%

%commonappdata%

%sysdrive%

File Names:

uninst.exe

alternateshell.exe

removelastfolders.exe

logonsession.exe

myremoteapp.exe

cl.1497297930.bdinstall.exe

dm.1497298270.bdinstall.exe

agent.1497297800.bdinstall.exe

agent.update.1497297924.bdinstall.exe

dm.uninstall.1497300184.bdinstall.exe

cl.uninstall.1510940932.bdinstall.exe

MyRemoteApp.exe

Geography:

	67.0%
	10.9%
	4.5%
	2.9%
	2.9%
	2.5%
	2.0%
	1.5%
	1.1%
	1.1%
	0.8%
	0.8%
	0.7%
	0.6%
	0.3%
	0.3%

OS Version:

Windows 10	94.8%
Windows 7	4.4%
Windows 8.1	0.8%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0000142f

PE Sections:

Name	Size of data	MD5
.text	18432	bfe456f7a3fdcdf87f19fab9c5282cfa
.rdata	8704	6fa22570a9a1b4e35307a9afeb4266f3
.data	3072	620b9cb1222dfbdffbd6f90fa59cdf84
.rsrc	56832	1c6847ff955d6e7e31e237b103edf39a
.reloc	2560	44f6a563cee2cdbab78017f67b876d93

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for alternateshell.exe

copyright for information about alternateshell.exe