» cltmngui.exe
Overview
Analysis
File Details

cltmngui.exe

ClientConnect LTD

The file belongs to the ClientConnect (Conduit/Perion) platform, a utility that bundles and monetizes search toolbars and browser add-ons. The application cltmngui.exe by ClientConnect has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

cltmngui.exe

Publisher:

ClientConnect LTD (signed and verified)

MD5:

3f3caab06de84fa3bf25741af169b6d0

SHA-1:

a6eff876eeed88585077dd98c90c7c26b56745cf

SHA-256:

a6acb3a0255eaeba4f70b4dec4e4aa34918b8c93df7a1237e61fd313bc608dec

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:

11/5/2024 1:58:37 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Conduit (M)

17.3.14.13

File size:

3 MB (3,190,600 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\lenovobrowserguard\ui\bin\cltmngui.exe

Digital Signature

Signed by:

ClientConnect LTD

Authority:

VeriSign, Inc.

Valid from:

1/28/2014 2:00:00 AM

Valid to:

1/30/2016 1:59:59 AM

Subject:

CN=ClientConnect LTD, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Lenovo Browser Guard, O=ClientConnect LTD, L=Ness Ziona, S=Israel, C=IL

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

177310CAE60BB43B9E75B02DA2C1AC11

File PE Metadata

Compilation timestamp:

7/22/2014 6:23:02 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

Entry address:

0x108C13

Entry point:

0A, 48, 8D, 4B, 08, FF, 15, B2, 45, 1B, 00, 33, C0, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 85, D2, 75, 50, BB, 03, 40, 00, 80, 48, 8B, 0D, CD, 53, 19, 00, 48, 8D, 05, C6, 53, 19, 00, 48, 3B, C8, 74, 1E, F6, 41, 1C, 01, 74, 18, 48, 8B, 49, 10, 4C, 8D, 05, D8, 79, F4, FF, BA, 39, 00, 00, 00, 44, 8B, CB, E8, 03, 24, F8, FF, 48, 8D, 0D, 94, 77, F4, FF, 44, 8B, CB, 45, 33, C0, BA, B9, 01, 00, 00, FF, 15, 3B, 4B, 1B, 00, EB, 41, 48, 8B, 49, 50... 
[+]

Code size:

1.7 MB (1,830,912 bytes)

Remove cltmngui.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.