How to remove 29dc9261.rbf
- File Details
- Overview
- Analysis
29dc9261.rbf
The module 29dc9261.rbf has been detected as Adware.SweetIM
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
42894025dcc53d2a9c2e2931d352f94b |
| Size: |
164 KB |
| First Published: |
2017-05-26 13:02:40 (7 years ago) |
| Latest Published: |
2022-03-20 23:28:47 (2 years ago) |
| Status: |
Adware.SweetIM (on last analysis) |
|
| Analysis Date: |
2022-03-20 23:28:47 (2 years ago) |
Overview
| %sysdrive%\adwcleaner\quarantine\files\iqamzodsaqbdgvdpaxfdhprkoxahjqou\messenger |
| %programfiles%\sweetim\messenger |
| %sysdrive% |
| %programfiles%\sweetim |
| %sysdrive%\terzo\programmi\sweetim |
| %sysdrive%\windows.old\program files (x86)\sweetim |
| %programfiles%\sweetim |
| mghooking.dll |
| 29dc9261.rbf |
|
20.0% |
|
|
20.0% |
|
|
13.3% |
|
|
13.3% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
| Windows 7 |
40.0% |
|
| Windows 10 |
33.3% |
|
| Windows XP |
20.0% |
|
| Windows Vista |
6.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x10000000 |
| Entry Address: |
0x000018ee |
| Name |
Size of data |
MD5 |
| .text |
4096 |
bdf186bc9232350bc9938d7f6b02735c |
| CODE |
118784 |
6b2373f5980099235241b41c9592cef6 |
| .rdata |
8192 |
bf47733e20d9d60459c0c5c25b590b57 |
| .data |
4096 |
620f0b67a91f7f74151bc5be745b7110 |
| DATA |
4096 |
1e113ae3a8df1185bf427664aba961c0 |
| BSS |
4096 |
620f0b67a91f7f74151bc5be745b7110 |
| .rsrc |
4096 |
1acd3f8b5107bc2c33a94857cd172909 |
| .reloc |
8192 |
39aad0dc960de43366730cb9283f6c9e |
