How to remove f_0028d2

f_0028d2

The module f_0028d2 has been detected as PUP.Downloader

f_0028d2
Remove f_0028d2

File Details

Product Name:

CNET Download.com
Company Name:

CNET Download.com
MD5: 090d98c297b3b78a54cb27ef03aeba99
Size: 712 KB
First Published: 2017-11-06 13:10:25 (7 years ago)
Latest Published: 2021-01-09 08:20:13 (4 years ago)
Status: PUP.Downloader (on last analysis)
Analysis Date: 2021-01-09 08:20:13 (4 years ago)

Overview

Signed By: CBS Interactive
Status: Valid

Common Places:

%sysdrive%\seagate backup_vpickle\vpickle\history\level3\c\users\erik\appdata\local\google\chrome\user data\default\cache
%sysdrive%\system volume information\_restore{2f5d6395-e28b-4974-902a-2e9019272ba9}
%sysdrive%\folder_apo veloci raptor\documents and settings\τα έγγραφά μου
%sysdrive%
%sysdrive%\t-280 3-5-13
%profile%
%sysdrive%
%sysdrive%\i drive\james software\windows 8\new folder\zrenubala software
%sysdrive%\i drive\james software\windows 8\new folder\zrenubala software

File Names:

cbsi-3_2_5_41-10703122.exe
f_0028d2
A0004271.exe
A0017429.exe
A0003366.exe
A0012898.exe
A0008370.exe
A0002303.exe
A0006370.exe
A0005141.exe
cbsi-3_2_5_41-10966715.exe
cbsidlm-cbsi3_2_5_41-JetAudio_Basic-10013740 (1).exe
cbsidlm-cbsi3_2_5_41-JetAudio_Basic-10013740.exe
cbsi-3_2_5_41-10013740.exe
cbsidlm-cbsi3_2_5_41-JetAudio_Basic-10013740 (2).exe
cbsi-3_2_5_41-75448539.exe
cbsidlm-cbsi3_2_5_41-PhotoScape-10703122.exe

Geography:

34.6%
30.8%
7.7%
3.8%
3.8%
3.8%
3.8%
3.8%
3.8%
3.8%

OS Version:

Windows XP 34.6%
Windows 8 30.8%
Windows 10 19.2%
Windows 7 11.5%
Windows Vista 3.8%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x001e95d0

PE Sections:

Name Size of data MD5
UPX0 0 00000000000000000000000000000000
UPX1 706560 1fc5e4ab926a626b992c84643611a779
.rsrc 17920 4cc502ed5146396cea24d23a70bd42d8

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for f_0028d2
copyright for information about f_0028d2