How to remove 937b7.rbf
937b7.rbf
The module 937b7.rbf has been detected as PUP.Microleaves
File Details
| Product Name: | Online Guardian |
| Company Name: | Microleaves LTD |
| MD5: | 39702c63034fe12e95f7c67223680cdb |
| Size: | 542 KB |
| First Published: | 2017-06-20 15:08:01 (6 years ago) |
| Latest Published: | 2020-03-20 14:26:26 (4 years ago) |
| Status: | PUP.Microleaves (on last analysis) | |
| Analysis Date: | 2020-03-20 14:26:26 (4 years ago) |
Overview
| Signed By: | MICROLEAVES LTD |
| Status: | Valid |
Common Places:
| %programfiles%\microleaves\online application\version 2.6.0 |
| %sysdrive%\config.msi |
| %sysdrive%\adwcleaner\quarantine\files\jmdqcnmavbcipqnlbbkatporzzfvocxe\online application\version 2.6.0 |
| %sysdrive%\adwcleaner\quarantine\files\gehiqpbsqxwtkzuyhktbgierlgytwyvo\online application 2.6.0\install\cfcbaa1\version 2.6.0 |
| %sysdrive%\quarantine_mzk\folders\2017070413184562\microleaves.13.26.00.09\online application\version 2.6.0 |
| %appdata%\microleaves\online application 2.6.0\install\cfcbaa1\version 2.6.0 |
| %sysdrive%\adwcleaner\quarantine\files\xldbhsbbgelhaljpnzarvrctnlooztcd\online application\version 2.6.0 |
| %sysdrive%\$recycle.bin\s-1-5-21-2897528057-2067642798-1384281755-1001\$r5nbok9.0 |
| %sysdrive%\adwcleaner\quarantine\files\paswadkqwuqasytltslqklutftlyunoc\online application\version 2.6.0 |
| %commonappdata%\чистилка\quarantine\2017-08-12-20-51-43\microleaves.zip\c:\program files (x86)\microleaves\online application\version 2.6.0 |
File Names:
| Online-Guardian.exe |
| 937b7.rbf |
| Online-Guardian.VIR |
| e9c30.rbf |
| trz4962.tmp |
| 1ef36.rbf |
| 4dc179.rbf |
| 69503.rbf |
| c2ccf.rbf |
| Online-Guardian.exe.quarantined |
| 1278d59.rbf |
| b1ba1.rbf |
| 577757c.rbf |
| 677dd9.rbf |
| 10b0dc.rbf |
| 31d4c0c.rbf |
| 1fe32c.rbf |
| 204d63.rbf |
| 1e63cd54.rbf |
| trzC9B1.tmp |
| trz1182.tmp |
| f216a.rbf |
| trz36E1.tmp |
| trzCF64.tmp |
| 152c7f.rbf |
| 10d23a.rbf |
| de1fb.rbf |
| 316b9.rbf |
| 69058de.rbf |
| 5ab486.rbf |
| 196a305.rbf |
| 3784215.rbf |
| 4c5a4.rbf |
| 43150c0.rbf |
| 12bc71.rbf |
| 68238.rbf |
| trz8019.tmp |
| ac900.rbf |
| trz760.tmp |
| c15a9.rbf |
| 2b04f4.rbf |
| 9b03d.rbf |
| d2353f.rbf |
| 16cda9.rbf |
| 8ec22.rbf |
| 67cc6058.rbf |
| 4b4cb14.rbf |
| e772640.rbf |
| 466e2.rbf |
| ae9e7.rbf |
| 4e4a3.rbf |
| 62694.rbf |
| 1af83d9.rbf |
| trz679B.tmp |
Geography:
| 22.5% | ||
| 18.2% | ||
| 5.9% | ||
| 5.0% | ||
| 4.1% | ||
| 2.7% | ||
| 2.5% | ||
| 2.3% | ||
| 2.1% | ||
| 2.0% | ||
| 1.9% | ||
| 1.8% | ||
| 1.6% | ||
| 1.4% | ||
| 1.3% | ||
| 1.2% | ||
| 1.1% | ||
| 1.0% | ||
| 1.0% | ||
| 1.0% | ||
| 1.0% | ||
| 0.9% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.6% | ||
| 0.6% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% |
OS Version:
| Windows 10 | 47.9% | |
| Windows 7 | 38.1% | |
| Windows 8.1 | 10.7% | |
| Windows 8 | 2.7% | |
| Windows Vista | 0.6% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000012c0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 105984 | 4ef5b97d80b55949ad7b2d1c1ff92d33 |
| .data | 512 | 0ef7780dc4a821f7c8d2d14b9b4830ab |
| .rdata | 6656 | 063be716a067e3e7caba823fac26e491 |
| .eh_fram | 11776 | 2841058ce3e9c96c1fa40f459da3cf26 |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 3584 | 9d729caa1b9684dec72eb6b8e47a23f0 |
| .CRT | 512 | 63611519e03f45643a119ea42b8de125 |
| .tls | 512 | 210f409e50035e70c2412ea102d8a2e5 |
| .rsrc | 371712 | 757d4ad137363ef2a9b2a6f5997d252f |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 937b7.rbf
