How to remove unelevate.exe

unelevate.exe

The module unelevate.exe has been detected as Adware.SBWatchman

unelevate.exe
Remove unelevate.exe

File Details

MD5: a91466b2f222dfe1ddaff6d022f5544a
Size: 92 KB
First Published: 2017-07-23 12:14:45 (8 years ago)
Latest Published: 2025-10-15 23:00:35 (3 weeks ago)
Status: Adware.SBWatchman (on last analysis)
Analysis Date: 2025-10-15 23:00:35 (3 weeks ago)

Overview

Signed By: Speed-Bit LTD
Status: Valid

Common Places:

%programfiles%\ytdownloader
%programfiles%\dap
%programfiles%\speedbit video accelerator
%desktop%\dap
%sysdrive%\windows.old\users\james\appdata\local\temp\sainst
%sysdrive%\windows.old\users\james\appdata\local\temp
%sysdrive%\adwcleaner\quarantine\files\eqsklkrngkjosevtlffqbrhbrmxkiynx
%temp%\sainst
%localappdata%\temp
%temp%\nsgbb98.tmp

File Names:

Unelevate.exe
unelevate.exe
A0116801.exe

Geography:

16.0%
10.0%
7.4%
5.2%
4.8%
4.7%
3.4%
2.7%
2.3%
2.3%
2.1%
1.9%
1.8%
1.6%
1.5%
1.5%
1.5%
1.3%
1.3%
1.3%
1.3%
1.3%
1.1%
1.1%
1.0%
1.0%
1.0%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.6%
0.6%
0.6%
0.6%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 10 44.5%
Windows 7 37.2%
Windows 8.1 11.7%
Windows XP 4.0%
Windows Vista 1.1%
Windows 8 0.9%
Windows Server 2012 0.2%
Windows Server 2016 0.2%
Windows Server 2008 R2 0.2%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000028f4

PE Sections:

Name Size of data MD5
.text 61440 5959ab3b6b39bc365f9192215bfb0cac
.rdata 13824 94039be043e18d8d55e6cf5ff9695133
.data 5120 028c55fc9f3494a142d054b7b358dd6f
.rsrc 512 bd818411e8499957c9e7bf18e6e80a50
.reloc 6656 54b062c4ecf98d57b41fd003fdd15916

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for unelevate.exe
copyright for information about unelevate.exe