How to remove procexp64.exe

procexp64.exe

The module procexp64.exe has been detected as Trojan.CoinMiner

procexp64.exe
Remove procexp64.exe

File Details

Product Name:

Process Explorer
Company Name:

Sysinternals - www.sysinternals.com
MD5: 2aa048234fc192e2a0c11e2c6a117af7
Size: 1 MB
First Published: 2018-01-11 23:09:55 (7 years ago)
Latest Published: 2018-01-11 23:09:57 (7 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2018-01-11 23:09:57 (7 years ago)

Common Places:

%sysdrive%\distr\qiq\process.explorer.16.21_monitor.3.4.rar\process explorer 16.21\processexplorer_ru\processexplorerportableapps_x64\app
%sysdrive%\distr\qiq\process.explorer.16.21_monitor.3.4.rar\process explorer 16.21

File Names:

procexp.exe
procexp64.exe

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x000ae184

PE Sections:

Name Size of data MD5
.text 847360 30c2972315e15d4451883ec0041921c7
.rdata 296960 14612ed8efdaa3a628f02b363f87a52e
.data 46592 f0872cfc173bf1fde4dc07cbecb207a3
.pdata 30208 5cb67d3c687da44e42e55f729294d651
.rsrc 267776 12d2ec3b687cf77baed432a335e4266e
.reloc 5120 bd6d3159084a8cdd606ecb61184c168b
.data 15872 3c9f1d47c9ecfffa0820ed5864f4bdd5

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for procexp64.exe
copyright for information about procexp64.exe