How to remove winhost.exe

» File
File Details
Overview
Analysis

winhost.exe

The module winhost.exe has been detected as PUP.FlySvr

winhost.exe

Remove winhost.exe

File Details

Main Info:

Product Name:	winhost
Company Name:	winhost
MD5:	ac5c40539bfa1fbd1ae58b2dcd19698b
Size:	2 MB
First Published:	2020-05-30 15:32:49 (5 years ago)
Latest Published:	2023-01-12 23:18:14 (2 years ago)

Analysis:

Status:	PUP.FlySvr (on last analysis)
Analysis Date:	2023-01-12 23:18:14 (2 years ago)

Overview

Digital Signature

Signed By:	J.onaxh Network Technology Co., Ltd.
Status:	Valid

Common Places:

%localappdata%

%localappdata%

%localappdata%

%localappdata%

%localappdata%

%localappdata%

%sysdrive%\$recycle.bin\s-1-5-18\$rf4ier9.old\users\abdou\appdata\local

Geography:

	57.1%
	28.6%
	14.3%

OS Version:

Windows 7	57.1%
Windows 10	42.9%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0015c2ad

PE Sections:

Name	Size of data	MD5
.text	1914880	4dde946b2d65d061937be4f5cadbe033
.rdata	164864	f81d634f82de90a137993585456dc85f
.data	30720	42e8f809535532d4265f50c61e0c44aa
.rsrc	83456	35d957fba97ab92e387777e3e696fad1
.reloc	69632	a40f91027ab031a75831bd3399b8b8ef

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for winhost.exe

copyright for information about winhost.exe