How to remove windir.exe
windir.exe
The module windir.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: | Dutch Windmills 3D Screensaver |
| Company Name: | BELOFF |
| MD5: | d6260b50218aad07e894d597e94fc5a6 |
| Size: | 492 KB |
| First Published: | 2018-01-24 08:05:09 (6 years ago) |
| Latest Published: | 2018-01-24 08:05:09 (6 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2018-01-24 08:05:09 (6 years ago) |
Common Places:
| %commonappdata% |
Geography:
| 100.0% |
OS Version:
| Windows 7 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00019558 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 314880 | 4be262d30818e6759e1c3f8f8e300fb5 |
| .rdata | 96768 | 5d29457bbc0ffc2e926e3562eb0cb308 |
| .data | 5120 | f5b24f49ce6be35a5f089ba6969aab89 |
| .rsrc | 70656 | 45db90a9d61de03cdda2eb17b7bbc62c |
| .reloc | 15360 | f19cc77060ea37084a8a5b17927377ec |
More information:
Download GridinSoft
Anti-Malware - Removal tool for windir.exe
