Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegSetValueExW, RegCreateKeyExW, RegSetValueExA, RegCreateKeyExA, RegCloseKey, RegDeleteValueW, RegOpenKeyExW, RegQueryValueExW
kernel32.dll
GetTimeZoneInformation, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetConsoleMode, CloseHandle, GetLastError, CreateFileW, GetProcAddress, GetModuleHandleW, GetFileSize, ReadFile, SetEndOfFile, SetFilePointer, WriteFile, GetPrivateProfileStringW, WideCharToMultiByte, GetVersion, CreateMutexW, ReleaseMutex, GetCommandLineW, LocalFree, GetFullPathNameW, GetFullPathNameA, HeapReAlloc, CreateFileA, MapViewOfFile, UnmapViewOfFile, FreeLibrary, HeapAlloc, SystemTimeToFileTime, QueryPerformanceCounter, HeapFree, InterlockedCompareExchange, UnlockFile, LockFile, GetTickCount, UnlockFileEx, GetSystemTimeAsFileTime, GetUserDefaultLCID, InitializeCriticalSection, LoadLibraryW, Sleep, FormatMessageW, HeapDestroy, LeaveCriticalSection, GetFileAttributesA, HeapCreate, HeapValidate, GetFileAttributesW, MultiByteToWideChar, FlushFileBuffers, GetTempPathW, HeapSize, LockFileEx, EnterCriticalSection, GetDiskFreeSpaceW, LoadLibraryA, CreateFileMappingW, GetDiskFreeSpaceA, GetSystemInfo, GetFileAttributesExW, DeleteCriticalSection, GetVersionExA, DeleteFileW, GetCurrentProcessId, GetTempPathA, SetEnvironmentVariableA, AreFileApisANSI, DeleteFileA, GetConsoleCP, GetFileType, SetHandleCount, IsProcessorFeaturePresent, IsValidCodePage, GetOEMCP, GetACP, GetModuleFileNameW, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, GetStringTypeW, WriteConsoleW, SetStdHandle, CompareStringW, FormatMessageA, GetSystemTime, GetStdHandle, GetCurrentThreadId, SetLastError, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, EncodePointer, DecodePointer, GetProcessHeap, ExitProcess, HeapSetInformation, GetStartupInfoW, RtlUnwind, RaiseException, LCMapStringW, GetCPInfo, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, InitializeCriticalSectionAndSpinCount, GetLocaleInfoW, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree
shell32.dll
SHFileOperationW, CommandLineToArgvW, SHGetFolderPathW
user32.dll
PostMessageW, KillTimer, DispatchMessageW, TranslateMessage, GetMessageW, SetTimer, FindWindowExW
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

tcbhn.exe

By Blabbers Communications Ltd (Signed)

Remove tcbhn.exe
MD5:   3749ddbf2724cd9d48983ac48fba0e2b
SHA1:   e33473a547b46503c4f7d8d6095f084570496e0f
SHA256:   10fe3ad441f98761ed91c9ae89f1bc2211594d125acb93dc953e131c0bfd5894
Warning 3 antivirus scanners has detected malware.

What is tcbhn.exe?

The Browser Companion toolbar and web browser plugin will redirect legitimate search queries to an affiliate search results page.

About tcbhn.exe (from Blabbers Communications Ltd)

Blabbers allows users to change how they see the Web by altering the look of any Web page, adding layers of multimedia content or graphics and then sharing their experience with friends from their soc

DetailsDetails

File name:tcbhn.exe
Typical file path:C:\users\user\appdata\roaming\browsercompanion\tcbhn.exe
Size:679.15 KB (695,448 bytes)
Certificate
Issued to:Blabbers Communications Ltd
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

User start menu folder
Shortcut pointer placed in '%appdata%\Microsoft\Windows\Start Menu'
  • Shortcut to 'tcbhn.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetection
Comodo Internet Security 15862 UnclassifiedMalware
Dr.Web 8.13.4.9 Adware.Downware.368
ESET NOD32 7.8206 Win32/BrowserCompanion

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00338084%
0.028634%
Kernel CPU:0.00229220%
0.013761%
User CPU:0.00108865%
0.014873%
Kernel CPU time:78,032 ms/min
100,923,805ms/min
Memory
Private memory:2.42 MB
21.59 MB
Private (maximum):1.44 MB
Private (minimum):1.15 MB
Non-paged memory:2.42 MB
21.59 MB
Virtual memory:66.47 MB
140.96 MB
Virtual memory (peak):68.77 MB
169.69 MB
Working set:1.11 MB
18.61 MB
Working set (peak):11.09 MB
37.95 MB
Resource allocations
Threads:1
12
Handles:76
600
GUI GDI count:6
103
GUI GDI peak:7
142
GUI USER count:7
49
GUI USER peak:8
71

BehaviorsProcess properties

Integrety level:High
Platform:64-bit
Command line:"C:\users\user\appdata\roaming\browsercompanion\tcbhn.exe" -interval=10 -iehome=0 -iesearch=0 -ffhome=0 -ffsearch=0 -chhome=0 -chsearch=0 -pubid= -affid=
Owner:User
Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 71.43%
Windows Vista Home Premium 28.57%

Distribution by countryDistribution by country

United States installs about 71.43% of tcbhn.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Samsung 100.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE