How to remove javas.exe

javas.exe

The module javas.exe has been detected as Trojan.CoinMiner

javas.exe
Remove javas.exe

File Details

Product Name:

NSSM 32-bit
MD5: d9ec6f3a3b2ac7cd5eef07bd86e3efbc
Size: 288 KB
First Published: 2017-05-21 10:03:21 (8 years ago)
Latest Published: 2025-07-07 23:01:14 (4 months ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2025-07-07 23:01:14 (4 months ago)

Common Places:

%appdata%
%localappdata%\httpfilter
%windir%\fonts
%localappdata%\host service
%appdata%\system
%programfiles%\newext
%profile%\ser\application data
%sysdrive%\windows
%profile%\алина\application data
%profile%\дминистратор\application data

File Names:

nssm.exe
javas.exe
winsvchost.exe
WinSvchost.exe
csrss.exe
mscorsvw.exe
sweventstoresvc.exe
nssm_32.exe
java.exe
svchost.exe
nssm_0396c17a.exe
nssm_5ee9da7d_011d697c.exe
nssm_5ee9da7d.exe
nssm_011d697c.exe
nssm_5ee9da7d_0396c17a.exe
debug.exe
spoolse.exe
enplus.exe
NSSM.del
enplus.exe.vir
nssm_111.exe
enplus.wqe
IEXPL0RE.EXE

Geography:

46.9%
30.6%
5.8%
5.6%
1.7%
0.8%
0.6%
0.5%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 7 65.3%
Windows 10 21.7%
Windows 8.1 6.5%
Windows Server 2003 2.9%
Windows XP 2.0%
Windows 8 1.2%
Windows Server 2008 R2 0.2%
Windows Server 2012 R2 0.2%
Windows Vista 0.1%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00013e53

PE Sections:

Name Size of data MD5
.text 114176 b92c191c9f939ce4c12bf8e55319e935
.rdata 18944 0d1cd74dc435d64afcb78a0cd2f923ec
.data 5120 4492984c066180a50b40cbb63640632f
.rsrc 155648 7568461a77238b48b3b2e7ae76406d4d

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for javas.exe
copyright for information about javas.exe