How to remove nsc408D.tmp

nsc408D.tmp

The module nsc408D.tmp has been detected as Adware.Downloader

nsc408D.tmp
Remove nsc408D.tmp

File Details

Product Name:

toolmini Application
MD5: 990dd7f40f45032dd89402524421066f
Size: 618 KB
First Published: 2017-05-26 05:03:03 (7 years ago)
Latest Published: 2018-11-02 03:11:33 (6 years ago)
Status: Adware.Downloader (on last analysis)
Analysis Date: 2018-11-02 03:11:33 (6 years ago)

Overview

Signed By: MEIXIAN XIE
Status: Valid

Common Places:

%localappdata%\microsoft\windows\inetcache\ie\5g3hchgz
%localappdata%\microsoft\windows\temporary internet files\content.ie5\t2p2ihlp
%localappdata%\microsoft\windows\inetcache\ie\yfqnajzy
%localappdata%\microsoft\windows\inetcache\ie\ya2cejpl
%localappdata%\microsoft\windows\temporary internet files\content.ie5\vn3u4u1n
%temp%\nsh4849.tmp
%localappdata%\microsoft\windows\temporary internet files\content.ie5\vn6eu6cg
%localappdata%\microsoft\windows\temporary internet files\content.ie5\pfu3josc
%localappdata%\microsoft\windows\temporary internet files\content.ie5\5gtzxlj7
%localappdata%\microsoft\windows\temporary internet files\content.ie5\eieqycql

File Names:

Gretech_id_IBD_Bundle[1].exe
nsc408D.tmp
Gretech_id_IBD_Bundle[2].exe
nsv4AE6.tmp

Geography:

98.1%
1.9%

OS Version:

Windows 7 67.9%
Windows 10 15.1%
Windows 8.1 13.2%
Windows Vista 3.8%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000359ca

PE Sections:

Name Size of data MD5
.text 318464 28fb489b684785b560e990fd3204b302
.rdata 38400 27dc7931b52f4a5184391942eecde3fb
.data 7168 c687d5fc09a0d0757e5b7b768040932c
.rsrc 245248 3d6f94c69b1af1971c0922517d99dd83
.reloc 16896 c7f07a7e2acfff83078f875644bde5bf

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for nsc408D.tmp
copyright for information about nsc408D.tmp