How to remove php.exe
php.exe
The module php.exe has been detected as Trojan.Downloader
File Details
| Product Name: | PHP Thread Safe CGI |
| Company Name: | The PHP Group |
| MD5: | 9f13cc0b1b3b03cbefd8141e5f50b1c1 |
| Size: | 44 KB |
| First Published: | 2017-06-10 22:08:45 (8 years ago) |
| Latest Published: | 2025-04-08 23:00:51 (7 months ago) |
| Status: | Trojan.Downloader (on last analysis) | |
| Analysis Date: | 2025-04-08 23:00:51 (7 months ago) |
Common Places:
| %sysdrive%\alejandro\bachup - penddrive\phprunner\phprunner5.2\validation |
| %sysdrive%\lgdtvupdater\php |
| %programfiles%\parallels\plesk\additional |
Geography:
| 33.3% | ||
| 33.3% | ||
| 33.3% |
OS Version:
| Windows 7 | 66.7% | |
| Windows Server 2008 R2 | 33.3% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00006a70 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 24576 | 2d4faf05cd3f48edcafd5e6e448c58e4 |
| .rdata | 8192 | 6804c1bf8c2954b9859cbfd12bb9dc27 |
| .data | 4096 | c3f7ebcfadae5c591616b74fb881a8a9 |
| .rsrc | 4096 | d26359afb8e2af90c363c56e26896eb8 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for php.exe
