How to remove trzF149.tmp

trzF149.tmp Removal: How to Get Rid of trzF149.tmp2f0a52ce4f445c6e656ecebbcaceade5

» File
File Details
Overview
Analysis

trzF149.tmp

The module trzF149.tmp has been detected as Trojan.Agent

trzF149.tmp

Remove trzF149.tmp

File Details

Main Info:

MD5:	2f0a52ce4f445c6e656ecebbcaceade5
Size:	11 KB
First Published:	2017-07-18 23:06:45 (4 years ago)
Latest Published:	2021-07-20 20:45:57 (9 days ago)

Analysis:

Status:	Trojan.Agent (on last analysis)
Analysis Date:	2021-07-20 20:45:57 (9 days ago)

Common Places:

%appdata%\ltdltd61\ea

%sysdrive%\windows.old\users\toshiba\appdata\local\temp\305576

%sysdrive%\windows.old\users\toshiba\appdata\local\temp\2510001

%sysdrive%\windows.old\users\toshiba\appdata\local\temp\312898

%temp%\57754897

%temp%\1317829

%temp%\452601

%temp%\35109126

%temp%\59550555

%temp%\7185451

File Names:

posh-0.dll

posh-0.Vdll

trz9716.tmp

posh-0.dll.quarantined

trzF149.tmp

Geography:

	39.1%
	11.2%
	9.2%
	8.8%
	4.0%
	3.5%
	2.5%
	2.4%
	2.2%
	1.6%
	1.5%
	1.3%
	0.9%
	0.9%
	0.8%
	0.8%
	0.7%
	0.6%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	85.0%
Windows 10	8.7%
Windows Server 2008 R2	2.9%
Windows XP	1.4%
Windows 8.1	1.0%
Windows Server 2012 R2	0.4%
Windows Vista	0.3%
Windows Server 2003	0.2%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x10000000
Entry Address:	0x00001d25

PE Sections:

Name	Size of data	MD5
.text	4608	41212f367f01182785277df3a4fb8fee
.rdata	3072	e5ec50ae38a9e9457014536f7f6794d6
.data	1024	1ef7f2514c0dac290533737e44e6df5b
.reloc	1536	8c702a2c3f59aae28e248ce4881e30a6

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for trzF149.tmp

copyright for information about trzF149.tmp