How to remove OrbiterInstaller[1].exe

» File
File Details
Overview
Analysis

OrbiterInstaller[1].exe

The module OrbiterInstaller[1].exe has been detected as Adware.Conduit

File Details

Main Info:

Product Name:	Orbiter
Company Name:	Client Connect LTD
MD5:	2496c5295948c58519e6b4e5781364d4
Size:	746 KB
First Published:	2017-05-21 06:07:28 (6 years ago)
Latest Published:	2018-11-10 18:11:42 (5 years ago)

Analysis:

Status:	Adware.Conduit (on last analysis)
Analysis Date:	2018-11-10 18:11:42 (5 years ago)

Overview

Digital Signature

Signed By:	ClientConnect LTD
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%localappdata%\microsoft\windows\inetcache\ie\hdvpha0e

%localappdata%\microsoft\windows\inetcache\ie\1pt927l9

%localappdata%\microsoft\windows\inetcache\ie\p9y2d2ah

%localappdata%\microsoft\windows\inetcache\ie\ty1b6kmg

%localappdata%\microsoft\windows\inetcache\ie\jq4p64n5

%localappdata%\microsoft\windows\inetcache\ie\cl1km4ca

%localappdata%\microsoft\windows\temporary internet files\content.ie5\uxufo4ek

%localappdata%\microsoft\windows\temporary internet files\content.ie5\7r99ooub

%localappdata%\microsoft\windows\temporary internet files\content.ie5\j5bi01k8

%localappdata%\microsoft\windows\inetcache\ie\60pcynm0

Geography:

	45.7%
	8.6%
	8.6%
	5.7%
	5.7%
	2.9%
	2.9%
	2.9%
	2.9%
	2.9%
	2.9%
	2.9%
	2.9%
	2.9%

OS Version:

Windows 7	65.7%
Windows 10	25.7%
Windows 8.1	8.6%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00003415

PE Sections:

Name	Size of data	MD5
.text	26624	cb807804553819b70f6e16b8a094d327
.rdata	6656	161b329b4c70ce4fbd9c1143e738896b
.data	512	140876ba314e7bc36379ee5c6db80876
.ndata	0	00000000000000000000000000000000
.rsrc	96256	132246e56ec226c21c101e70c8cb5302

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for OrbiterInstaller[1].exe

copyright for information about OrbiterInstaller[1].exe