How to remove avast.exe

avast.exe

The module avast.exe has been detected as Risk.CoinMiner

avast.exe
Remove avast.exe

File Details

Product Name:

XMRig
Company Name:

www.xmrig.com
MD5: ce91bfbac1f4dd01ae9c1725e51ee530
Size: 695 KB
First Published: 2017-08-29 10:03:21 (6 years ago)
Latest Published: 2019-03-11 00:12:59 (5 years ago)
Status: Risk.CoinMiner (on last analysis)
Analysis Date: 2019-03-11 00:12:59 (5 years ago)

Common Places:

%windir%\syswow64
%sysdrive%\wamp\www\config\configuration\defender
%programfiles%\srsroot
%sysdrive%\exportech\itimeweb\webdav
%sysdrive%\windows
%sysdrive%\user
%system%\hs\hs_module\mainer
%windir%\system32
%appdata%\micromon
%windir%\temp

File Names:

csrs.exe
avast.exe
xmrig32.exe
x.exe
xmrig.exe
xmrigf.exe
winsrty.exe
xmr86.exe
ServicesFooled.exe
ServicesFooleds.exe
ServiceFooleds.exe
run32.exe
curl.exe
winlogon.exe
booster.exe
xmrig.exe.quarantined
VC9linker.exe
XMR.exe
taskmgrs.exe
booster (1).exe

Geography:

33.1%
10.2%
7.1%
6.3%
6.3%
4.7%
4.7%
3.9%
3.9%
2.4%
2.4%
1.6%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%

OS Version:

Windows 7 50.9%
Windows Server 2008 R2 21.3%
Windows Server 2003 11.1%
Windows Server 2012 R2 8.3%
Windows 10 2.8%
Windows 8.1 2.8%
Windows XP 1.9%
Windows Vista 0.9%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001500

PE Sections:

Name Size of data MD5
.text 543232 dacec46e6d9477345c500f27e246804f
.data 1024 d9eac4feed64535cceb46eee74dc72b1
.rdata 54784 73a1dbbc76eb3f062ef9613affe5733e
.eh_fram 83968 64f673d2b6713227f8c24972fcf8cdd2
.bss 0 00000000000000000000000000000000
.idata 9216 2b49da74fcbf027b7c65f5a4f3bbed6b
.CRT 512 e40c2d8d91fbe6021770a87eb388b251
.tls 512 24e248c3b64bbd0b1cfd44919aeed473
.rsrc 17344 4e893b42499c9655bf4a3afbc24345fc

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for avast.exe
copyright for information about avast.exe