How to remove qedit.exe
qedit.exe
The module qedit.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Realtek HD Auido Update and remove driver Tool |
| Company Name: | Realtek Semiconductor Corp. |
| MD5: | effd3f3684d270b814d15c09a0b895c5 |
| Size: | 7 MB |
| First Published: | 2019-04-18 23:11:15 (5 years ago) |
| Latest Published: | 2019-09-06 04:57:21 (5 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2019-09-06 04:57:21 (5 years ago) |
Overview
| Signed By: | Simon Tatham |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %commonappdata% |
| %commonappdata% |
| %sysdrive%\$recycle.bin |
| %sysdrive%\$recycle.bin\s-1-5-21-2470483018-1788632808-3985751911-1001 |
Geography:
| 40.0% | ||
| 40.0% | ||
| 20.0% |
OS Version:
| Windows 7 | 60.0% | |
| Windows 10 | 40.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x00ca7ed8 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 0 | 00000000000000000000000000000000 |
| .data | 0 | 00000000000000000000000000000000 |
| .rdata | 0 | 00000000000000000000000000000000 |
| .pdata | 0 | 00000000000000000000000000000000 |
| .xdata | 0 | 00000000000000000000000000000000 |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 0 | 00000000000000000000000000000000 |
| .CRT | 0 | 00000000000000000000000000000000 |
| .tls | 0 | 00000000000000000000000000000000 |
| .vmp0 | 0 | 00000000000000000000000000000000 |
| .vmp1 | 7737856 | 3bdd5d397b6567baf48b595f04b40fec |
| .rsrc | 288256 | 1a2a9d8ddb16c8c6bcd234c7366b5870 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for qedit.exe
