How to remove $RPWB5NO.tmp

» File
File Details
Overview
Analysis

$RPWB5NO.tmp

The module $RPWB5NO.tmp has been detected as Adware.Segurazo

$RPWB5NO.tmp

Remove $RPWB5NO.tmp

File Details

Main Info:

Product Name:	Сorp DCom
Company Name:	Сorp DCom
MD5:	ce4fb0105e188b5256cd26eb1adc337b
Size:	16 MB
First Published:	2020-11-14 04:02:16 (4 years ago)
Latest Published:	2021-01-15 00:28:10 (4 years ago)

Analysis:

Status:	Adware.Segurazo (on last analysis)
Analysis Date:	2021-01-15 00:28:10 (4 years ago)

Overview

Digital Signature

Signed By:	Digital Communications Inc
Status:	Valid

Common Places:

%sysdrive%\$recycle.bin

%windir%

%windir%

%temp%

%temp%

%temp%

%temp%

%temp%

%temp%

%temp%

Geography:

	26.7%
	26.7%
	13.3%
	6.7%
	6.7%
	6.7%
	6.7%
	6.7%

OS Version:

Windows 10	73.3%
Windows 8.1	20.0%
Windows 7	6.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x10000000
Entry Address:	0x0000b580

PE Sections:

Name	Size of data	MD5
.text	116736	ecb13722bbbdcd99cdbb536cfa6dcce7
.region	1024	64f55bd4674be8c50512666ed76b6d30
.ofk	512	bff8d45327f987b2142c6094ec755e66
.zbty	512	56ef9d45971e84ade54a9c379ede459b
.nytd	512	01b24dec046415f44e36d12cf62189d1
.reg	1024	fad1f8a7c562554df10cc869fa13ddce
.asew	1024	ea4ee1b1a4887b6b257640bb794766b5
.force	1024	2494f99fce0949c98635c9f9f5e6b7cf
.call	1024	aaebba0f7bfa94a05574fb4e7005bf12
.instto	1536	b497125ca692324120e699a1a96500f6
.code	512	ccde7da990d3b3d5f808c1703519bc75
.rdata	33792	0d92a2931f4d12f56b723fe87462e36b
.data	2560	f3c42f3137c5e63ac0af0e1579967075
.tls	512	1f354d76203061bfdd5a53dae48d5435
.rsrc	17145856	9167c99810e0d19bfc51c88ad913b76f
.reloc	6144	1e116337102df7704f2edc1315325c68

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RPWB5NO.tmp

copyright for information about $RPWB5NO.tmp