home

TmlCMode.exe

Thermal Control Mode Utility

Compal Electronics, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TmlCMode’.
Publisher:
Compal Electronic Inc.  (signed by Compal Electronics, Inc.)

Product:
Thermal Control Mode Utility

Version:
0, 0, 0, 5

MD5:
3f0b1e3bf249f6226c8b1688c84373bc

SHA-1:
6b83fb37532b2ac2e02c6047441f2ab070f062c1

SHA-256:
817cfc80f2a7a5f2e04491be1b0dec63ece777ce458835cb1dc6dc0240920b6f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 8:14:27 PM UTC  (today)

File size:
349.4 KB (357,744 bytes)

Product version:
0, 0, 0, 5

Copyright:
Copyright (C) 2008 Compal Electronic Inc. All rights reserved.

Original file name:
TmlCMode.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\compal\tmlcmode\tmlcmode.exe

Digital Signature
Signed by:
Compal Electronics, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/1/2009 7:00:00 AM

Valid to:
6/13/2010 6:59:59 AM

Subject:
CN="Compal Electronics, Inc.", OU=Software Application, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Compal Electronics, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D4BA1025FA30A11F56A702AB04AA602

File PE Metadata
Compilation timestamp:
8/11/2009 12:56:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:WqwDc8GPNcQPm6RYlj75YmEb/9ehuH63rM510479YrEPD:1rNQ6RYljamEZehuHq479YrEPD

Entry address:
0x1D27D

Entry point:
E8, 72, 50, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, B0, 25, 44, 00, 75, 02, F3, C3, E9, F2, 50, 00, 00, 51, C7, 01, 14, 67, 43, 00, E8, EA, 51, 00, 00, 59, C3, 56, 8B, F1, E8, EA, FF, FF, FF, F6, 44, 24, 08, 01, 74, 07, 56, E8, C0, 52, FE, FF, 59, 8B, C6, 5E, C2, 04, 00, 8B, 44, 24, 04, 83, C1, 09, 51, 83, C0, 09, 50, E8, 2F, 52, 00, 00, F7, D8, 59, 1B, C0, 59, 40, C2, 04, 00, 51, 53, 55, 56, 57, FF, 35, 68, 79, 44, 00, E8, 8D, 4A, 00, 00, FF, 35, 64, 79, 44, 00, 8B, F0, 89, 74, 24, 18, E8, 7C, 4A, 00, 00, 8B...
 
[+]

Entropy:
6.5616

Code size:
200 KB (204,800 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TmlCMode

Command:
C:\Program Files\compal\tmlcmode\tmlcmode.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.