PasswordBox pbbtnService.exe
Deep Guard asked me about Trusting pbbtnService.exe Win service. I researched and found that this is a service run by PasswordBox, which appears to be a legit, well respected password saving program. The problem is that I am 90% sure I did not download the program (10% chance it might have been bundled) and 100% sure I did not install and get a user account. The service was trying to connect to 190.93.247.31 which is a cloud service in Costa Rico. I chose to block the service. It is probably a legit password manager that I accidentally downloaded, but it would be a great way to steal passwords if someone modified and distributed the file with a redirected location to forward the passwords?
Comments
-
PasswordBox actually does install a file named pbbtnService.exe as a Windows service and it is a 4.5 star CNET and PC Mag rated program. The program folder contains the support files normally expected, including an uninstall exe file. I just found it very odd that it appearred as a low level installed service when I do not remember a request to install and the destination was the unusual Cloud Host Service. Many people will have a legit pbbtnService.exe service, I was mostly wondering if anyone knows of a malicious version of the file being in the wild?
-
I see. Well, then I think the best way is to scan the file on https://www.virustotal.com/ a multi-engine scanner. It will scan with F-Secure + 47 other anti-virus products. If that doesn't detect anything it should be fine.
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!