How to remove TBMessagingHost.exe.vir

» File
File Details
Overview
Analysis

TBMessagingHost.exe.vir

The module TBMessagingHost.exe.vir has been detected as Adware.ClientConnect

File Details

Main Info:

Product Name:	TBMessagingHost
Company Name:	ClientConnect Ltd.
MD5:	23c8f9c2cb81732a3207d197b9e9a4d4
Size:	1 MB
First Published:	2017-05-27 03:08:54 (7 years ago)
Latest Published:	2020-11-16 13:54:18 (4 years ago)

Analysis:

Status:	Adware.ClientConnect (on last analysis)
Analysis Date:	2020-11-16 13:54:18 (4 years ago)

Overview

Digital Signature

Signed By:	ClientConnect LTD
Status:	Valid

Common Places:

%chromeprofile%\extensions\kgficikadnmmefckdecajlmffkbagomp\10.31.4.510_0\nativemessaging

%temp%\testifexeexist\ct3202343\nativemessaging

%localappdata%\nativemessaging\ct3313051\1_0_2_0

%chromeprofile%\extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.31.4.510_0\nativemessaging

%chromeprofile%\extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.31.4.510_0\nativemessaging

%chromeprofile%\extensions\hpnmgpolajlplabbfjloenkjhkmoikpc\10.31.4.510_0\nativemessaging

%localappdata%\nativemessaging\ct3289075\1_0_2_0

%chromeprofile%\extensions\okemjkdkkihnhdaanohnleknbaddlddb\10.31.4.510_0\nativemessaging

%profile%\дминистратор\local settings\application data\google\chrome\user data\default\extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\nativemessaging

%desktop%\ecole\backup\christian\appdata\local\google\chrome\user data\profile 1\extensions\hfpghkmipjbamgnlilimjdmgkalpmcjn\10.31.4.510_0

File Names:

TBMessagingHost.exe

TBMessagingHost.exe.vir

Geography:

	22.4%
	18.4%
	9.2%
	7.9%
	7.9%
	6.6%
	2.6%
	2.6%
	2.6%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%

OS Version:

Windows 10	47.4%
Windows 7	42.1%
Windows XP	5.3%
Windows 8.1	2.6%
Windows 8	2.6%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00049298

PE Sections:

Name	Size of data	MD5
.text	757248	da589dced016c5ab6532e76ea46a45d6
.rdata	164352	4ccb1c131256d33fdedc2a1ebe191704
.data	51200	fa6096ca3ca164e6867006865c5ea09e
.rsrc	1536	ea515b73dbdccdee6b80c14f89012389
.reloc	105472	7a5c55e96eb06a69239b797e2c2c4232

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for TBMessagingHost.exe.vir

copyright for information about TBMessagingHost.exe.vir

How to remove TBMessagingHost.exe.vir

TBMessagingHost.exe.vir

The module TBMessagingHost.exe.vir has been detected as Adware.ClientConnect

File Details

Main Info:

TBMessagingHost

ClientConnect Ltd.

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: