» pbtbvzaeljs.exe
Overview
Analysis
File Details

pbtbvzaeljs.exe

The application pbtbvzaeljs.exe has been detected as a potentially unwanted program by 29 anti-malware scanners.

File name:

pbtbvzaeljs.exe

MD5:

083749b9b23fd00c76ba6483c53c3cb6

SHA-1:

58e0477138d8111d670b7c6684f227f3858db6e9

SHA-256:

e86a81db227afe29cfd57f56f9948b9d2ecb4694d256f130bedd608c68f5e966

Scanner detections:

29 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 11:31:33 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.10141850

701

AegisLab AV Signature

AdWare.W32.MegaSearch

2.1.4+

Agnitum Outpost

Riskware.HackTool

7.1.1

Avira AntiVirus

APPL/KMSAuto.bes

7.11.196.118

avast!

Win32:Malware-gen

2014.9-150306

AVG

Potentially harmful program HackTool.AHDM

2014.0.4257

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.1536

Bitdefender

Trojan.Generic.10141850

1.0.20.325

Bkav FE

W32.Clod0b2.Trojan

1.3.0.4924

Clam AntiVirus

Win.Trojan.Hacktool-1756

0.98/20153

Emsisoft Anti-Malware

Trojan.Generic.10141850

8.15.03.06.04

ESET NOD32

Win32/HackTool.KMSAuto (variant)

9.9434

Fortinet FortiGate

Riskware/KMSAuto

3/6/2015

F-Prot

W32/A-0b50412c

v6.4.7.1.166

F-Secure

Trojan.Generic.10141850

11.2015-06-03_6

G Data

Trojan.Generic.10141850

15.3.24

herdProtect (fuzzy)

variant of zj3bfl13cb2.exe

2015.6.12.18

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.2.2.29

K7 AntiVirus

Hacktool

13.200.15179

McAfee

Artemis!E858AD1B421B

5600.6835

MicroWorld eScan

Trojan.Generic.10141850

16.0.0.195

nProtect

Trojan.Generic.10141850

14.02.04.01

Reason Heuristics

Threat.Win.Reputation.IMP

15.3.6.4

Rising Antivirus

PE:Malware.Hacktool!6.1FB

23.00.65.15304

Sophos

PUA 'KMS Activator'

5.11

SUPERAntiSpyware

Trojan.Agent/Gen-Lameshield

10015

Trend Micro House Call

TROJ_GEN.F47V1009

7.2.65

VIPRE Antivirus

Trojan.Win32.Generic

26558

Zillya! Antivirus

Tool.KMSAuto.Win32.3

2.0.0.2089

File size:

255.1 KB (261,174 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\kmspico\pbtbvzaeljs.exe

File PE Metadata

Compilation timestamp:

3/3/2013 4:03:45 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

3072:limnSqvg5laDT+i1fvyKCI5l5ARSpkzgB65+eSCRR+VTeqGvBFzcSk1+QU:lyq4X4vZjlYSizi6DL+Vl6BcMQU

Entry address:

0x1296F

Entry point:

E8, 99, 98, 00, 00, E9, 87, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, D8, 05, 43, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00... 
[+]

Code size:

156 KB (159,744 bytes)

Remove pbtbvzaeljs.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.