trojankiller.exe

GridinSoft Trojan Killer

GridinSoft LLC

This file is installed with the program Trojan Killer.
Publisher:
GridinSoft LLC.  (signed by GridinSoft LLC)

Product:
GridinSoft Trojan Killer

Description:
Trojan Killer

Version:
2.1.0.3

MD5:
98e8bc111220c3962e66ec0db6bce362

SHA-1:
75398cb0f57dcdc16587ed622afcddca848dcab4

SHA-256:
06b212a9ac271b842d660cf9e32a4bdbe76f63d7cf0cac83eb919d665a03224e

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
12/26/2024 11:01:13 AM UTC

Scan engine        Detection                     Engine version
Baidu Antivirus    Trojan.Win32.1AntiVirus       4.0.3.14420
ESET NOD32         Win32/1AntiVirus (variant)    8.8891
McAfee             Artemis!441194B2792B          5600.7154

File size:
5.2 MB (5,428,032 bytes)

Product version:
2.1

Copyright:
Copyright ©2011, GridinSoft LLC. All rights reserved.

Original file name:
trojankiller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\gridinsoft trojan killer\trojankiller.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/13/2011 12:00:00 AM

Valid to:
1/13/2012 11:59:59 PM

Subject:
CN=GridinSoft LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GridinSoft LLC, L=Kiev, S=Kiev, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3342F9C793FB9687D0852BFF37D40D9F

File PE Metadata
Compilation timestamp:
8/17/2011 9:38:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:mQ5OKtMFB+KNnfrhNK1A2FJX/y4prmCkDL3nLjJyIYi5VmVGlKCkB6M:muOKyFB+mnDhNK1A2P/y4Ncn3nLF3mIc

Entry address:
0x27E6A4

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, B8, 80, B0, 3B, 13, E8, 4E, 9A, D8, FF, 33, C0, 55, 68, 8B, E9, 3B, 13, 64, FF, 30, 64, 89, 20, B8, 24, BB, 40, 13, E8, 02, 70, D8, FF, 68, 98, E9, 3B, 13, 6A, 00, 6A, 00, E8, 8C, 9E, D8, FF, A1, 94, 1E, 3E, 13, 8B, 00, E8, F4, 66, E0, FF, E8, 6F, 4D, D8, FF, 85, C0, 0F, 8E, C0, 00, 00, 00, 8D, 55, EC, B8, 01, 00, 00, 00, E8, BA, 4D, D8, FF, 8B, 45, EC, 50, 68, B8, E9, 3B, 13, FF, 35, 24, BB, 40, 13, 68, C8, E9, 3B, 13, 8D, 45, E8, BA, 03, 00...

Entropy:
6.7966

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,611,712 bytes)

The file trojankiller.exe has been discovered within the following program.

Trojan Killer  by Gridinsoft LLC
Publisher's description - “Developed specifically for automatic removal of viruses, bots, spyware, keyloggers, trojans, scareware and rootkits without the need to manually edit system files or registry, Trojan Killer additionally fixes system modifications that were introduced by malware and which, regretfully, are often ignored by some popular antivirus scanners.”
trojan-killer.com
3% remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to trojan-killer.net  (107.170.10.232:80)
