How to remove windir.exe
windir.exe
The module windir.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | 3Planesoft Screensaver Manager |
| Company Name: | 3Planesoft |
| MD5: | 9ea2abb760cf88c44661723cd88f0062 |
| Size: | 682 KB |
| First Published: | 2018-06-12 02:09:51 (5 years ago) |
| Latest Published: | 2018-06-12 02:09:51 (5 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-06-12 02:09:51 (5 years ago) |
Common Places:
| %commonappdata% |
Geography:
| 100.0% |
OS Version:
| Windows 8.1 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0012d000 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 488448 | b46e4987c009712b40347435208f34d9 |
| .rsrc | 209408 | b31f3a1f5553f6229a8148b91d0b6a29 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for windir.exe
