How to remove TBMessagingHost.exe.vir
- File Details
- Overview
- Analysis
TBMessagingHost.exe.vir
The module TBMessagingHost.exe.vir has been detected as Adware.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
f0800351eb6315d533c80328dd0f9de1 |
| Size: |
975 KB |
| First Published: |
2017-06-22 17:02:17 (7 years ago) |
| Latest Published: |
2020-03-06 06:30:31 (4 years ago) |
| Status: |
Adware.Gen (on last analysis) |
|
| Analysis Date: |
2020-03-06 06:30:31 (4 years ago) |
Overview
| %localappdata%\nativemessaging\ct3225826\1_0_0_6 |
| %localappdata%\nativemessaging\ct3295548\1_0_0_6 |
| %localappdata%\nativemessaging\ct3289075\1_0_0_6 |
| %localappdata%\nativemessaging\ct3202343\1_0_0_6 |
| %localappdata%\nativemessaging\ct3220468\1_0_0_6 |
| %localappdata%\nativemessaging\ct3205709 |
| %chromeprofile%\extensions\gipmblamjgodbimgeafaiegdpfbaeihe\10.23.0.822_0 |
| %chromeprofile%\extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.23.0.822_0 |
| %sysdrive%\vince-pc\backup set 2014-01-13 112616\backup files 2014-01-13 112616\backup files 7.zip\c\users\vince\appdata\local\google\chrome\user data\default\extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.23.0.822_0 |
| %sysdrive%\vince-pc\backup set 2014-01-13 112616\backup files 2014-01-13 112616\backup files 8.zip\c\users\vince\appdata\local\nativemessaging\ct3288691 |
| TBMessagingHost.exe |
| TBMessagingHost.exe.vir |
|
55.6% |
|
|
11.1% |
|
|
4.4% |
|
|
4.4% |
|
|
4.4% |
|
|
4.4% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
| Windows 10 |
64.4% |
|
| Windows 7 |
35.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00043028 |
| Name |
Size of data |
MD5 |
| .text |
693760 |
e311247fa19404962ae291338fba3914 |
| .rdata |
151040 |
cfa260a6abd3569410634ae4cc05bfeb |
| .data |
46592 |
db59930132ce50035d2dacfa0cf74060 |
| .rsrc |
1536 |
1e7e93a99b13618cfe31cb965f3b9698 |
| .reloc |
98816 |
629cd762cd0b6e12c5a69ce3716a2d08 |
