How to remove hstart.exe
hstart.exe
The module hstart.exe has been detected as Hijack.Explorer
File Details
| Product Name: | Hidden Start |
| Company Name: | NTWind Software |
| MD5: | e03cc652ee1837198a3dc35166b91a0f |
| Size: | 175 KB |
| First Published: | 2024-12-11 23:00:57 (9 months ago) |
| Latest Published: | 2024-12-11 23:00:58 (9 months ago) |
| Status: | Hijack.Explorer (on last analysis) | |
| Analysis Date: | 2024-12-11 23:00:58 (9 months ago) |
Overview
| Signed By: | NTWind Software |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %programfiles% |
| %programfiles% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00005a6e |
PE Sections:
| Name | Size of data | MD5 |
| .text | 66560 | 709ee66f3b2dd489fa7406e20415957d |
| .rdata | 33792 | dfff40ef603cd262fae3e046b24f2ccc |
| .data | 25600 | 05b55fa803eabf44e7f784843cd0e51d |
| .gfids | 512 | 154aeba3cab18c567b2b66761d9fcb7d |
| .rsrc | 30208 | 9169e1154484664680172f8929d3a0c4 |
| .reloc | 5120 | c210ad2367710a98c6681de81efa7f25 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for hstart.exe
