How to remove TBMessagingHost.exe.vir

» File
File Details
Overview
Analysis

TBMessagingHost.exe.vir

The module TBMessagingHost.exe.vir has been detected as Adware.Gen

File Details

Main Info:

Product Name:	TBMessagingHost
Company Name:	Conduit Ltd.
MD5:	d3c40de564008beffddba53d69d63152
Size:	1001 KB
First Published:	2017-06-22 17:02:17 (7 years ago)
Latest Published:	2020-03-06 06:22:12 (5 years ago)

Analysis:

Status:	Adware.Gen (on last analysis)
Analysis Date:	2020-03-06 06:22:12 (5 years ago)

Overview

Digital Signature

Signed By:	Conduit Ltd.
Status:	Valid

Common Places:

%localappdata%\nativemessaging\ct3225826\1_0_0_10

%localappdata%\nativemessaging\ct3289663\1_0_0_10

%localappdata%\nativemessaging\ct3289075\1_0_0_10

%localappdata%\nativemessaging\ct3220468\1_0_0_10

%localappdata%\nativemessaging\ct3292715

%chromeprofile%\extensions\hgiifhjbblnglipdbpdgagphlcbililb\10.26.2.7_0

%localappdata%\nativemessaging\ct3286042

%sysdrive%\amit-pc\backup set 2013-12-15 190005\backup files 2014-02-02 190000\backup files 2.zip\c\users\amit\appdata\local\nativemessaging\ct3289075

%sysdrive%\shadly-pc\backup set 2014-02-09 190010\backup files 2014-02-09 190010\backup files 4.zip\c\users\shadly\appdata\local\google\chrome\user data\default\extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.26.2.507_0

%sysdrive%\casper-casper\backup set 2013-12-16 212945\backup files 2014-01-26 190002\backup files 1.zip\c\users\casper\appdata\local\google\chrome\user data\default\extensions\ldphimnicfkkabnlicekmikglnnbenfc\10.26.2.507_0

File Names:

TBMessagingHost.exe

TBMessagingHost.exe.vir

Geography:

	15.8%
	15.8%
	10.5%
	10.5%
	5.3%
	5.3%
	5.3%
	5.3%
	5.3%
	5.3%
	5.3%
	5.3%
	5.3%

OS Version:

Windows 7	52.6%
Windows 10	36.8%
Windows XP	10.5%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000460f8

PE Sections:

Name	Size of data	MD5
.text	713216	d48bf537998217ada9523c686034c99e
.rdata	155648	20a30538964e3c399597190cfba83f46
.data	47104	4e181005dcd9f869c3c43e539d77b7f0
.rsrc	1536	be40af31d6301220ec57b8ddf00ac21c
.reloc	100352	919dda9a7be51848f31979cfee6aeb1e

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for TBMessagingHost.exe.vir

copyright for information about TBMessagingHost.exe.vir

How to remove TBMessagingHost.exe.vir

TBMessagingHost.exe.vir

The module TBMessagingHost.exe.vir has been detected as Adware.Gen

File Details

Main Info:

TBMessagingHost

Conduit Ltd.

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: