How to remove wintooll.exe

» File
File Details
Overview
Analysis

wintooll.exe

The module wintooll.exe has been detected as Adware.ELEX

wintooll.exe

Remove wintooll.exe

File Details

Main Info:

MD5:	64f4c96c979817b798d6737ee4812ee1
Size:	102 KB
First Published:	2017-06-14 07:10:21 (7 years ago)
Latest Published:	2018-07-14 13:11:46 (6 years ago)

Analysis:

Status:	Adware.ELEX (on last analysis)
Analysis Date:	2018-07-14 13:11:46 (6 years ago)

Overview

Digital Signature

Signed By:	Haitao Gu
Status:	Valid

Common Places:

%windir%\temp\upcf8da.tmp\secondu71

%commonappdata%\wintooll

%windir%\temp\upce57f.tmp\secondu71

%windir%\temp\upce35d.tmp\secondu71

%windir%\temp\upcc9f5.tmp\secondu71

%windir%\temp\upc829a.tmp\secondu71

%windir%\temp\upc1c8d.tmp\secondu71

%windir%\temp\oua982c.tmp

%windir%\temp\upc9276.tmp

%windir%\temp\upc4127.tmp

Geography:

	30.4%
	17.4%
	13.0%
	8.7%
	8.7%
	4.3%
	4.3%
	4.3%
	4.3%
	4.3%

OS Version:

Windows 7	73.9%
Windows 10	17.4%
Windows 8	8.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001e89

PE Sections:

Name	Size of data	MD5
.text	60928	526f269c7250442d55481607d71bb746
.rdata	20992	694eefd13a5a3388d835c4237d5be730
.data	4608	59ea576e1625dbfbab9a2ced4d346e06
.rsrc	7680	6701c9f72cdc5c748f1ac8eaaa056ec2
.reloc	4096	af2c3bad9cfc5bc4273edf1e7f0dfde8

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for wintooll.exe

copyright for information about wintooll.exe