How to remove winDecrypt.exe

» File
File Details
Overview
Analysis

winDecrypt.exe

The module winDecrypt.exe has been detected as General Threat

winDecrypt.exe

Remove winDecrypt.exe

File Details

Main Info:

Product Name:	PDF Password Remover
Company Name:	Copyright (C) 2000-2007 VeryPDF.com Inc
MD5:	930d259782c0ec1a724c9b9ce750cd89
Size:	840 KB
First Published:	2017-05-24 16:09:57 (7 years ago)
Latest Published:	2021-01-06 03:51:47 (4 years ago)

Analysis:

Status:	General Threat (on last analysis)
Analysis Date:	2021-01-06 03:51:47 (4 years ago)

Common Places:

%profile%\downloads\pdf password remover

%programfiles%\pdf password remover

%sysdrive%\tools\pdf_password_remover_3.0.rar

%desktop%\桌面\應用程式

%desktop%\應用程式

%programfiles%

%sysdrive%\softwares\others

%sysdrive%\softwares\others\pdf password remover\pdf_password_remover_3.0.rar

%sysdrive%\softwares\pdf_password_remover_3.0.rar

%sysdrive%\3\0_mysetup\my documents\downloads\pdf_password_remover_3.0.rar

Geography:

	95.0%
	4.0%
	1.0%

OS Version:

Windows 10	50.0%
Windows 7	40.0%
Windows 8	4.0%
Windows 8.1	3.0%
Windows Server 2008 R2	3.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000655bd

PE Sections:

Name	Size of data	MD5
unpacked	536576	cee5f2daa6505edc043e86c2e0a90fc2
unpacked	303104	b64e36230a3033cb77abed4139fa46b7
unpacked	8192	4d99574d24a397af41c6b5d95fcd8502
.snaker	8192	2bdf0a7e52d07f748a7d6566aaec66cd

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for winDecrypt.exe

copyright for information about winDecrypt.exe