How to remove procexp.exe

procexp.exe

The module procexp.exe has been detected as Trojan.CoinMiner

procexp.exe
Remove procexp.exe

File Details

Product Name:

Process Explorer
Company Name:

Sysinternals - www.sysinternals.com
MD5: fb2b11050bd4207810bf53c7bd40d72a
Size: 2 MB
First Published: 2017-05-28 12:01:40 (6 years ago)
Latest Published: 2018-01-11 23:10:05 (6 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2018-01-11 23:10:05 (6 years ago)

Common Places:

%profile%\desktop
%sysdrive%\distr\qiq\nirlauncher package 1.20.19 _ sysinternals suite\nirlauncher.1.20.19.by.punsh.rar\nirlauncherportablepunsh\app\nirlauncher
%sysdrive%\distr\qiq\windows system control center\wscc.3.3.0.0_v2.5.1.0ru.rar\windows system control center

File Names:

PROCEXP.EXE
procexp.exe

Geography:

66.7%
33.3%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0009ba18

PE Sections:

Name Size of data MD5
.text 763904 a87324e167ad3ccfb7b216d0c50b5257
.rdata 185856 c909f878f488a9ac562f12cbe2a58d64
.data 37376 109975e777ca887e8c27e04ced2c41ff
.rsrc 1721344 f2dda914a3539d15f19f66822589c898
.reloc 50688 fb54af943e76b308cd64169ed680c929
.data 15360 79414736edcf185172d8387170107e27

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for procexp.exe
copyright for information about procexp.exe