How to remove winlogon.exe

winlogon.exe Removal: How to Get Rid of winlogon.exec24315b0585b852110977dacafe6c8c1

winlogon.exe

The module winlogon.exe has been detected as Trojan.Agent

winlogon.exe
MD5: c24315b0585b852110977dacafe6c8c1
Size: 44 KB
First Published: 2017-09-27 04:10:08 (3 years ago)
Latest Published: 2021-07-20 20:44:13 (9 days ago)
Status: Trojan.Agent (on last analysis)
Analysis Date: 2021-07-20 20:44:13 (9 days ago)
%profile%\ocalservice\local settings\temp\1229191031
%profile%\ocalservice\local settings\temp\1195433385
%profile%\ocalservice\local settings\temp\1150596088
%profile%\ocalservice\local settings\temp\1491739677
%profile%\ocalservice\local settings\temp\1563003529
%profile%\ocalservice\local settings\temp\1418631798
%profile%\ocalservice\local settings\temp\1527378999
%profile%\ocalservice\local settings\temp\1615519974
%profile%\ocalservice\local settings\temp\1272324006
%profile%\ocalservice\local settings\temp\1381097752
Doublepulsar-1.3.1.exe
spoolsv.exe
SVCHOST.EXE
d.exe
Doublepulsar-1.3.1.exe.quarantined
chrome..exe
$R4FBI95.exe
c.exe
puls.exe
spoolsv1.exe
star.exe
winlogon.exe
37.6%
11.4%
10.2%
8.6%
4.4%
3.5%
2.4%
2.2%
1.7%
1.5%
1.5%
1.4%
1.3%
0.8%
0.8%
0.7%
0.7%
0.7%
0.6%
0.6%
0.6%
0.5%
0.5%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
Windows 7 83.5%
Windows 10 8.5%
Windows Server 2008 R2 3.6%
Windows Server 2003 1.5%
Windows XP 1.0%
Windows 8.1 0.9%
Windows Server 2012 R2 0.6%
Windows Vista 0.3%
Windows Web Server 2008 R2 0.1%
Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00003eb5

PE Sections:

Name Size of data MD5
.text 13312 47a2b82dfccc8f79faf38beae871f9ca
.rdata 8192 ee1c04e69fc13c8b46ed2e3e4e80e654
.data 19968 158788917d9d1aab2eef5af81bd8e2e5
.rsrc 512 44a70bdd3dc9af38103d562d29023882
.reloc 2560 ae00eeed0074e97ccb8f9d1e378313b2

More information:

Download GridinSoft Anti-Malware - Removal tool for winlogon.exe