How to remove runw.exe

runw.exe

The module runw.exe has been detected as Trojan.Agent

runw.exe
Remove runw.exe

File Details

MD5: 5829c81cf9565b4ebf6c36c17e9161d4
Size: 267 KB
First Published: 2020-02-03 04:30:42 (5 years ago)
Latest Published: 2021-04-18 20:32:26 (4 years ago)
Status: Trojan.Agent (on last analysis)
Analysis Date: 2021-04-18 20:32:26 (4 years ago)

Common Places:

%profile%\anaconda3\envs\keston-project\lib\site-packages\pyinstaller\bootloader
%localappdata%\programs\thonny\lib\site-packages\pyinstaller\bootloader
%appdata%\python\python38\site-packages\pyinstaller\bootloader
%commonappdata%\anaconda3\lib\site-packages\pyinstaller\bootloader
%profile%\downloads\pyinstaller-develop.zip\pyinstaller-develop\pyinstaller\bootloader
%profile%\anaconda3\lib\site-packages\pyinstaller\bootloader
%sysdrive%\pi\pyinstaller-3.6\pyinstaller\bootloader
%profile%\onedrive\desktop\cuadp7.2\cuadp program demov7\venv\lib\site-packages\pyinstaller-3.6-py3.6.egg\pyinstaller\bootloader
%profile%\onedrive\desktop\cuadp7.2\cuadp program demov7\venv\lib\site-packages\pyinstaller-3.6-py3.6.egg\pyinstaller\bootloader
%localappdata%\programs\python\python38-32\lib\site-packages\pyinstaller\bootloader

Geography:

11.1%
8.3%
8.3%
8.3%
8.3%
5.6%
5.6%
5.6%
5.6%
5.6%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%

OS Version:

Windows 10 86.5%
Windows 7 13.5%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00008ef8

PE Sections:

Name Size of data MD5
.text 134656 ff2440518f03dde94ed9e5b2e377f847
.rdata 62976 2d605f3828b73c4175f7129a3eccba50
.data 3072 c926f201a6cca2c9ef076b807b13354f
.pdata 7680 3d773adc721a0a380af6df220eda7635
.gfids 512 ecf6785a081e1b4ffbe0ae7dfca3fefb
.rsrc 61440 57c7c5ea7ea6d00bee75c47ee948943a
.reloc 2048 209b202cf3376b99ed5e06aa5ff871b6

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for runw.exe
copyright for information about runw.exe