home

trojankiller.exe

Trojan Killer (32-bit)

Gridinsoft, LLC

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Trojan Killer (32-bit)’. This is installed with Trojan Killer.
Publisher:
GridinSoft LLC.  (signed by Gridinsoft, LLC)

Product:
Trojan Killer (32-bit)

Description:
Trojan Killer

Version:
2.1.9.8

MD5:
1e4f331020cfba339cb1dcc672187798

SHA-1:
85b3d0dc391171ae4907820b8cf950faf27beba2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:47:29 PM UTC  (today)

File size:
8.7 MB (9,146,144 bytes)

Product version:
2.1.9.8

Copyright:
Copyright © 2003-2013, GridinSoft LLC. All rights reserved.

Original file name:
trojankiller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\trojankiller.exe

Digital Signature
Signed by:
Gridinsoft, LLC

Authority:
VeriSign, Inc.

Valid from:
12/12/2011 8:00:00 AM

Valid to:
1/13/2015 7:59:59 AM

Subject:
CN="Gridinsoft, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Gridinsoft, LLC", L=Kiev, S=Kiev, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
065DF919B8A90A37DEB26750CBB3BBD3

File PE Metadata
Compilation timestamp:
11/27/2013 8:49:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:Nm0VayxpbrcXb5npmc59fYaYBMS9CQxJ8NrC0:gSNXbrcXb5npmc59f54MYsv

Entry address:
0x4CDC78

Entry point:
55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 70, AC, 8B, 00, E8, DC, 10, B4, FF, 33, C0, 55, 68, 20, E0, 8C, 00, 64, FF, 30, 64, 89, 20, B8, 50, 05, 99, 00, E8, D8, B9, B3, FF, E8, 4B, 8E, B3, FF, 85, C0, 0F, 8E, A3, 00, 00, 00, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 96, 8E, B3, FF, 8B, 45, EC, 50, 68, 3C, E0, 8C, 00, FF, 35, 50, 05, 99, 00, 68, 54, E0, 8C, 00, 8D, 45, E8, BA, 03, 00, 00, 00, E8, A1, CC, B3, FF, 8B, 55, E8, 58, E8, A8, CD, B3, FF, 75, 6A, 68, 34, 10, 00, 00, 68...
 
[+]

Entropy:
6.7722

Developed / compiled with:
Microsoft Visual C++

Code size:
4.8 MB (5,035,008 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Trojan Killer (32-bit)

Command:
"C:\DOCUME~1\{user}\Locals~1\temp\rarsfx3\trojankiller.exe" 0


The file trojankiller.exe has been discovered within the following program.

Trojan Killer  by Gridinsoft LLC
Publisher's description - “Developed specifically for automatic removal of viruses, bots, spyware, keyloggers, trojans, scareware and rootkits without the need to manually edit system files or registry, Trojan Killer additionally fixes system modifications that were introduced by malware and which, regretfully, are often ignored by some popular antivirus scanners.”
trojan-killer.com
3% remove it
 
Powered by Should I Remove It?

Scan trojankiller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.