CenerTCPMessenger.exe

CenerTCPMessenger

Thomas Pleasance

The executable CenerTCPMessenger.exe has been detected as malware by 14 anti-virus scanners.
Publisher:
Thomas Pleasance  (signed and verified)

Product:
CenerTCPMessenger

Version:
1.0.0.0

MD5:
8306bc9c1ab1bee191e7a831e552319a

SHA-1:
6e518bb80855ae4c23f55ad598a22c2af86e38ba

SHA-256:
bfb5afb28ebb5b350dcdc718a5b37239c6808b3f9b5474955ca3d8ff2712d44d

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
4/26/2024 10:21:15 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Win32.VJadtre.2 | 5813571
avast! | Win32:AutoRun-CTB [Trj] | 160119-0
AVG | Worm/AutoRun.JT | 2015.0.4489
Clam AntiVirus | W32.Wapomi-3 | 0.98/21287
Dr.Web | Win32.Dropper.5 | 9.0.1.05190
Emsisoft Anti-Malware | Win32.VJadtre | 10.0.0.5366
ESET NOD32 | Win32/AutoRun.NAX virus | 7.0.302.0
F-Prot | W32/Jadtre.A | 4.6.5.141
Kaspersky | Virus.Win32.Qvod | 15.0.0.562
McAfee | Virus.W32/Fujacks.be | 18.0.204.0
Microsoft Security Essentials | Threat.Undefined | 1.213.3699.0
Norman | Win32.VJadtre.2 | 11.01.2016 17:30:26
Sophos | Virus 'W32/Jadtre-B' | 5.22
VIPRE Antivirus | Threat.4722626 | 46660

File size:
160 KB (163,840 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2006

Original file name:
CenerTCPMessenger.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\windows sidebar\shared gadgets\livemessenger.gadget\connector\cenertcpmessenger.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
12/21/2006 7:00:00 AM

Valid to:
12/22/2007 6:59:59 AM

Subject:
CN=Thomas Pleasance, O=Thomas Pleasance, STREET=12 Headlands Way, STREET=Whittlesey, L=Peterborough, S=Cambs, PostalCode=PE7 1RL, C=GB

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00CC435368D16D0530509530DCA586AE64

File PE Metadata
Compilation timestamp:
12/31/2006 8:16:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:M1W268C1Uj0oaqcrNDKBC5CH+xF7vCww95YeoLoSqtIzp:MQ268Ckgr0BC564ubYe5t

Entry address:
0x14000

Entry point:
55, 8B, EC, 83, EC, 70, 83, 65, CC, 00, 83, 65, D4, 00, 83, 65, F8, 00, 83, 65, D8, 00, 83, 65, E0, 00, 83, 65, EC, 00, 83, 65, E4, 00, 83, 65, F4, 00, 83, 4D, DC, FF, 83, 65, D0, 00, 83, 65, C8, 00, 83, 65, E8, 00, 83, 65, F0, 00, 83, 65, FC, 00, 64, FF, 35, 30, 00, 00, 00, 58, 89, 45, E0, 8B, 45, E0, 8B, 40, 0C, 8B, 40, 1C, 8B, 00, 89, 45, EC, 8B, 45, EC, 8B, 40, 08, 89, 45, F4, 8B, 45, F4, 8B, 40, 3C, 8B, 4D, F4, 8B, 55, F4, 03, 54, 01, 78, 89, 55, E4, 8B, 45, E4, 8B, 4D, F4, 03, 48, 20, 89, 4D, CC, 8B...
Entropy:
6.7846

Developed / compiled with:
Microsoft Visual C++

Code size:
148 KB (151,552 bytes)