How to remove startswinstall.exe

» File
File Details
Overview
Analysis

startswinstall.exe

The module startswinstall.exe has been detected as Worm.Ramnit

Remove startswinstall.exe

File Details

Main Info:

Product Name:	SolidWorks startswinstall
Company Name:	Dassault Systèmes SolidWorks Corp.
MD5:	0e17c6f52ce688ffda9956f84df422bb
Size:	1 MB
First Published:	2019-09-08 21:28:15 (5 years ago)
Latest Published:	2019-09-08 21:45:50 (5 years ago)

Analysis:

Status:	Worm.Ramnit (on last analysis)
Analysis Date:	2019-09-08 21:45:50 (5 years ago)

Common Places:

%sysdrive%\forni-pc\backup set 2019-01-13 190016\backup files 2019-01-13 190016\backup files 18.zip\c\users\forni\desktop\solidworks 2013 64bits\sw2013

%sysdrive%\forni-pc\backup set 2018-12-16 190001\backup files 2018-12-23 190000\backup files 4.zip\c\users\forni\desktop\solidworks 2013 64bits\sw2013

OS Version:

Windows 7

100.0%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00199000

PE Sections:

Name	Size of data	MD5
.text	1166336	548481540fc29b0adbca03a33c125b30
.rdata	273408	64bdb82181626e8e68319e251a8cf51b
.data	23552	a70a597ebe7667bdbceb6fe52c609495
.rsrc	3072	51890d4bac3c1612cfbd2d3c37476971
.reloc	166400	eb4ecd1137c1e0cb5d71be4757a8dc1d
.text	180224	256776960954e972ca4ec9345b05b2c9

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for startswinstall.exe

copyright for information about startswinstall.exe