How to remove eventvwr.exe

» File
File Details
Overview
Analysis

eventvwr.exe

The module eventvwr.exe has been detected as Ransom.Sabsik

eventvwr.exe

Remove eventvwr.exe

File Details

Main Info:

Product Name:	Aomei Dynamic Disk Converter
Company Name:	Aomei Technology Co., Ltd
MD5:	b39c50b859fb841cf339ab50caf7f9b3
Size:	2 MB
First Published:	2023-03-21 23:48:10 (2 years ago)
Latest Published:	2023-03-21 23:58:50 (2 years ago)

Analysis:

Status:	Ransom.Sabsik (on last analysis)
Analysis Date:	2023-03-21 23:58:50 (2 years ago)

Common Places:

%appdata%

%appdata%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00973b9c

PE Sections:

Name	Size of data	MD5
	3072	6a957434c7d7415eda1bd97f8e1a0cb0
	2560	3bd9139e8539ffaea33f9d900545e78d
	0	d41d8cd98f00b204e9800998ecf8427e
	1024	a4184c75334d062480dd042e23996e99
	0	d41d8cd98f00b204e9800998ecf8427e
.rsrc	88576	7effc54cf2c005f2d24ed77defa896cd
	0	d41d8cd98f00b204e9800998ecf8427e
.data	2176000	ac18d4e320c4426941b1ce5aedf18ba9

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for eventvwr.exe

copyright for information about eventvwr.exe