How to remove d2s[1].exe

d2s[1].exe

The module d2s[1].exe has been detected as Trojan.LoadMoney

d2s[1].exe
Remove d2s[1].exe

File Details

MD5: 3b46740da2ac7eed3261189a0d953c43
Size: 123 KB
First Published: 2017-05-24 13:09:36 (7 years ago)
Latest Published: 2018-05-07 09:16:23 (6 years ago)
Status: Trojan.LoadMoney (on last analysis)
Analysis Date: 2018-05-07 09:16:23 (6 years ago)

Overview

Signed By: "Ask-Integrator", Ltd.
Status: Valid

Common Places:

%localappdata%\microsoft\windows\inetcache\ie\zix01uy5
%localappdata%\microsoft\windows\inetcache\ie\or2k3pjp
%localappdata%\microsoft\windows\temporary internet files\content.ie5\c03irty8
%localappdata%\microsoft\windows\temporary internet files\content.ie5\lphg8mzi
%localappdata%\microsoft\windows\inetcache\ie\k2ucg88d
%localappdata%\microsoft\windows\temporary internet files\content.ie5\05w1eh8i
%localappdata%\microsoft\windows\inetcache\ie\q1epi978
%localappdata%\microsoft\windows\inetcache\ie\o3scdxnr
%localappdata%\microsoft\windows\temporary internet files\content.ie5\qgavxitd
%localappdata%\microsoft\windows\temporary internet files\content.ie5\61fw9olv

Geography:

31.8%
13.6%
13.6%
9.1%
9.1%
9.1%
4.5%
4.5%
4.5%

OS Version:

Windows 7 54.5%
Windows 10 31.8%
Windows 8.1 9.1%
Windows 8 4.5%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00006947

PE Sections:

Name Size of data MD5
.text 77312 7bfd4ac35576949bad0a54763913e973
.rdata 31232 24436179373c713567fcece29bf374ad
.data 5120 75a56ae796b3bffcadb048a99626ffe4
.rsrc 512 045453f3484a5fb7bc6b7c8c2c73748f
.reloc 5632 4b45642e83ca221225d1e6fe73927430

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for d2s[1].exe
copyright for information about d2s[1].exe