How to remove trz138.tmp
trz138.tmp
The module trz138.tmp has been detected as Adware.Montiera
File Details
| Product Name: | |
| Company Name: | Pay By Ads LTD |
| MD5: | 10b2c9b29985f055af0b35f2bb13beb0 |
| Size: | 446 KB |
| First Published: | 2017-07-21 05:09:27 (6 years ago) |
| Latest Published: | 2018-07-21 17:13:02 (5 years ago) |
| Status: | Adware.Montiera (on last analysis) | |
| Analysis Date: | 2018-07-21 17:13:02 (5 years ago) |
Overview
| Signed By: | Keep-My-Search LTD |
| Status: | Valid |
Common Places:
| %localappdata%\pay-by-ads\yahoo! search\1.3.26.12 |
| %programfiles%\pay-by-ads\yahoo! search\1.3.26.12 |
| %localappdata%\pay-by-ads\yahoo! search |
| %programfiles%\pay-by-ads\yahoo! search |
File Names:
| dsrsetup.exe |
| trz138.tmp |
Geography:
| 23.5% | ||
| 11.8% | ||
| 11.8% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% | ||
| 5.9% |
OS Version:
| Windows 7 | 58.8% | |
| Windows 8.1 | 17.6% | |
| Windows 10 | 11.8% | |
| Windows 8 | 5.9% | |
| Windows XP | 5.9% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00036d2a |
PE Sections:
| Name | Size of data | MD5 |
| .text | 317440 | 421b39424bcd4d429ff3a8d814aedb1a |
| .rdata | 74752 | 2ac33fdbea4193563053732e67e565c2 |
| .data | 11264 | ef11dab22bb10e14ea6bb50295ae4c9d |
| .rsrc | 14848 | f3da2259f226239ccee2a7c0a1a26d43 |
| .reloc | 31744 | fe0e951bca0f65b85aa5252bc26179b3 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for trz138.tmp
