How to remove TBMessagingHost.exe.vir

TBMessagingHost.exe.vir

The module TBMessagingHost.exe.vir has been detected as Adware.Gen

TBMessagingHost.exe.vir
Remove TBMessagingHost.exe.

File Details

Product Name:

TBMessagingHost
Company Name:

Conduit Ltd.
MD5: e2282fc6d371fe1d91fbbfa9c3c9d3b8
Size: 986 KB
First Published: 2017-06-22 17:02:17 (7 years ago)
Latest Published: 2020-03-27 06:44:42 (5 years ago)
Status: Adware.Gen (on last analysis)
Analysis Date: 2020-03-27 06:44:42 (5 years ago)

Overview

Signed By: Conduit Ltd.
Status: Valid

Common Places:

%localappdata%\nativemessaging\ct3225826\1_0_0_9
%localappdata%\nativemessaging\ct3289663\1_0_0_9
%localappdata%\nativemessaging\ct3289075\1_0_0_9
%localappdata%\nativemessaging\ct3202343\1_0_0_9
%localappdata%\nativemessaging\ct3220468\1_0_0_9
%localappdata%\nativemessaging\ct3286042
%sysdrive%\casper-casper\backup set 2013-12-16 212945\backup files 2014-01-12 190002\backup files 1.zip\c\users\casper\appdata\local\google\chrome\user data\default\extensions\ldphimnicfkkabnlicekmikglnnbenfc\10.26.0.540_0
%temp%\testifexeexist\ct3306061
%temp%\nativemessaging\ct3306061
%localappdata%\sony corporation\some\chromium\user data\default\extensions\hgiifhjbblnglipdbpdgagphlcbililb\10.26.0.40_0

File Names:

TBMessagingHost.exe
TBMessagingHost.exe.vir

Geography:

52.8%
19.4%
8.3%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%
2.8%

OS Version:

Windows 10 63.9%
Windows 7 33.3%
Windows Server 2008 R2 2.8%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00044b88

PE Sections:

Name Size of data MD5
.text 701952 21258777fa2a74ddc1b6d7801d25ace2
.rdata 153088 1021be2b350458e0ae0b341a939f77e8
.data 46592 a61eaea90fd287e2dbbd2a2d554d3e55
.rsrc 1536 b2d0c583a7e41fcd935cc3fed9f81a7f
.reloc 99328 e045ec0fcfdba2394fa79b6636e5e117

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for TBMessagingHost.exe.vir
copyright for information about TBMessagingHost.exe.vir