How to remove A0015014.exe
- File Details
- Overview
- Analysis
A0015014.exe
The module A0015014.exe has been detected as PUP.Toolbar
File Details
Product Name: |
|
Company Name: |
|
MD5: |
4eff1ed174dee79d80d387e2fd07530a |
Size: |
2 MB |
First Published: |
2017-06-20 14:06:07 (8 years ago) |
Latest Published: |
2024-11-15 23:01:04 (8 months ago) |
Status: |
PUP.Toolbar (on last analysis) |
|
Analysis Date: |
2024-11-15 23:01:04 (8 months ago) |
Overview
Signed By: |
Crawler Group, LLC |
Status: |
Invalid (digital signature could be stolen or file could be patched) |
%programfiles%\spyware terminator\tools |
%sysdrive%\windows.old.000\program files (x86)\spyware terminator\tools |
%sysdrive%\system volume information\_restore{115a6895-6e26-46ed-ab4e-4cfd2c2141b8}\rp36 |
%commonappdata%\martau\total uninstall 6\backup\spyware terminator 2015.analyzed.zip\c:\program files (x86)\spyware terminator\tools |
%programfiles%\spyware terminator |
%sysdrive%\archivos de programa\spyware terminator |
%sysdrive%\system volume information\_restore{586871f4-d9cc-4f9f-9fa0-5fea4b89a97f} |
%sysdrive%\system volume information\_restore{83e9558c-6427-438e-8170-58877fd8ff61} |
%programfiles%\~spyware terminator |
%commonappdata%\spyware terminator\shared |
systemrestore.exe |
A0015014.exe |
A0138171.exe |
A0005743.exe |
A0039638.exe |
A0117169.exe |
|
19.1% |
|
|
17.1% |
|
|
12.1% |
|
|
9.4% |
|
|
3.7% |
|
|
3.7% |
|
|
3.4% |
|
|
3.0% |
|
|
2.7% |
|
|
2.7% |
|
|
2.3% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.3% |
|
|
1.3% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
Windows 10 |
51.3% |
|
Windows 7 |
33.0% |
|
Windows 8.1 |
10.3% |
|
Windows XP |
3.7% |
|
Windows Vista |
0.7% |
|
Windows Server 2003 |
0.7% |
|
Windows 8 |
0.3% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x001d53e8 |
Name |
Size of data |
MD5 |
.text |
1910272 |
5d30d7b119b9814c7ff2782aa5ea4763 |
.itext |
5632 |
68f9d36d4e7b7848a9b27a7a1552d485 |
.data |
35840 |
c1cabe07b5588cdcb2a5155708d1eca1 |
.bss |
0 |
00000000000000000000000000000000 |
.idata |
14848 |
b2d4e122ab16c0f5121bb5e49ccf66b0 |
.didata |
2560 |
0dba6997fee21adc178b30541b775577 |
.tls |
0 |
00000000000000000000000000000000 |
.rdata |
512 |
2500cfe0c7e8f0dd211b3229e0295648 |
.reloc |
171520 |
5598db8466d7d320125870fe6d31c079 |
.rsrc |
285184 |
03d06af39729e3fadca96276b8683e82 |