How to remove restartgbService.exe

» File
File Details
Overview
Analysis

restartgbService.exe

The module restartgbService.exe has been detected as Backdoor.Bladabindi

restartgbService.exe

Remove restartgbService.exe

File Details

Main Info:

MD5:	731c1a57f4b423ac54b6efbe5a771e4d
Size:	301 KB
First Published:	2017-05-25 18:08:32 (6 years ago)
Latest Published:	2018-09-26 14:10:45 (5 years ago)

Analysis:

Status:	Backdoor.Bladabindi (on last analysis)
Analysis Date:	2018-09-26 14:10:45 (5 years ago)

Common Places:

%programfiles%\gbillingserver\serverupdate\client

%programfiles%\gbillingserver\serverupdate

%sysdrive%\gbillingserver\serverupdate

%sysdrive%\pmtt\gbillingserver\serverupdate

%sysdrive%\backup\gbillingserver\serverupdate

Geography:

	63.6%
	18.2%
	9.1%
	9.1%

OS Version:

Windows 7	81.8%
Windows XP	9.1%
Windows 8.1	9.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000b9e70

PE Sections:

Name	Size of data	MD5
UPX0	0	00000000000000000000000000000000
UPX1	270848	ef7bfab6fb38197650c69718a9436dfe
.rsrc	36352	f54fa6c715afbe2bf1b73f5bed81388c

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for restartgbService.exe

copyright for information about restartgbService.exe