How to remove tbhelper2.exe

tbhelper2.exe

The module tbhelper2.exe has been detected as Hijack.IE

tbhelper2.exe
Remove tbhelper2.exe

File Details

Product Name:

Toolbar Helper
MD5: 4246b2bb2419e32614f3529a905a5770
Size: 196 KB
First Published: 2017-06-07 23:05:44 (7 years ago)
Latest Published: 2024-03-12 23:02:13 (8 months ago)
Status: Hijack.IE (on last analysis)
Analysis Date: 2024-03-12 23:02:13 (8 months ago)

Overview

Signed By: Iminent
Status: Valid

Common Places:

%appdata%\toolbar4\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%localappdata%\toolbar4\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%programfiles%\iminent toolbar
%system%\config\systemprofile\appdata\locallow\toolbar4\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%desktop%\doc minilap\invitado\appdata\locallow\toolbar4\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%desktop%\juan\appdata\locallow\toolbar4\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%sysdrive%\adwcleaner\quarantine\exuieaoeii\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
%system%\config\systemprofile\appdata\locallow\toolbar4
%sysdrive%\adwcleaner\quarantine\x3cf3ednhm
%mydoc%\gilson\x\notebook-cassia\raiz\users\cassia\appdata\locallow\toolbar4

File Names:

TbHelper2.exe
tbhelper2.exe
TbHelper2.exe.vir

Geography:

11.2%
10.2%
10.2%
9.2%
7.1%
6.1%
6.1%
6.1%
5.1%
5.1%
4.1%
3.1%
2.0%
2.0%
2.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%

OS Version:

Windows 7 61.0%
Windows 10 30.0%
Windows Vista 4.0%
Windows 8.1 3.0%
Windows 8 1.0%
Windows XP 1.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000129a2

PE Sections:

Name Size of data MD5
.text 129536 099d0dd1e2548842a0998ff16e7aeb38
.rdata 30720 b8a346362d80df4f268223726bf40dd4
.data 10240 2aa2f639b1c0741eda5ec222427e8d58
.rsrc 13312 c07c20fd5f8b5516ca33100e42d8a16f
.reloc 12800 c0e719528653396226f66f45160ce735

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for tbhelper2.exe
copyright for information about tbhelper2.exe