How to remove nacl64.exe
nacl64.exe
The module nacl64.exe has been detected as PUP.MailRu
File Details
Product Name: | Amigo |
Company Name: | Mail.Ru |
MD5: | 01d9e7dc0cae503d817f39527a14afc3 |
Size: | 5 MB |
First Published: | 2017-05-21 10:03:38 (6 years ago) |
Latest Published: | 2019-06-15 11:36:46 (4 years ago) |
Status: | PUP.MailRu (on last analysis) | |
Analysis Date: | 2019-06-15 11:36:46 (4 years ago) |
Overview
Signed By: | LLC Mail.Ru |
Status: | Valid |
Common Places:
%localappdata%\amigo\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\strtgwcgeedmprtvnwvquhwpcxwazacv\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\djsiikotrfxdjnxqfhqznouhmsjxixwj\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\tlrbgvupvfowqpgkuvqvhrwivhhxnvvd\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\pqpanidhlcdavlguvtlvntcwqqgurkox\application\56.0.2924.180 |
%localappdata%\amigo\temp\source2696_12491\chrome-bin\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\agqivjkwuvnnbuffzdewequvaiimhoks\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\qzzkbekmakuqclaekqsvjrmsncuwehbe\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\acxiwufxeaoovhcpvdzgvkcxwrscschh\application\56.0.2924.180 |
%sysdrive%\adwcleaner\quarantine\files\kebpalbdclnnrzzcccyhtqgeweyafqzd\application\56.0.2924.180 |
Geography:
36.0% | ||
26.3% | ||
5.3% | ||
5.3% | ||
3.5% | ||
3.5% | ||
3.5% | ||
2.6% | ||
2.6% | ||
1.8% | ||
1.8% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% | ||
0.9% |
OS Version:
Windows 10 | 55.3% | |
Windows 7 | 32.5% | |
Windows 8.1 | 7.9% | |
Windows 8 | 4.4% |
Analysis
Subsystem: | Windows GUI |
PE Type: | pe |
OS Bitness: | 64 |
Image Base: | 0x0000000140000000 |
Entry Address: | 0x00387750 |
PE Sections:
Name | Size of data | MD5 |
.text | 3894272 | 7976e3c672783bf0a906feab39a63848 |
.rdata | 1692160 | cdeeeb2f2d11a73ae1b001daf6892de3 |
.data | 20480 | be68481dff1dec9b9758d374e2d5a595 |
.pdata | 219648 | 8ddbfd8e4c4f6138f9c61f214ecb990d |
.tls | 512 | 642db2236dd2f7ae00eeb0a6621ff5e3 |
.gfids | 1024 | ed6b0b900b53780fd97d17a9b6d1c101 |
_RDATA | 33280 | ae12ee5339b4d5233eddd20d918b0218 |
.rsrc | 53248 | f3ac99e433f8761edc9376c571073a8a |
.reloc | 23552 | 2d89e55b8bc8b2734f3566d40d0c3c11 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nacl64.exe