How to remove ChromeApproveTBPlugin.dll.vir

ChromeApproveTBPlugin.dll.vir

The module ChromeApproveTBPlugin.dll.vir has been detected as Adware.Conduit

ChromeApproveTBPlugin.dll.vir
Remove ChromeApproveTBPlugi

File Details

Product Name:

Conduit Chrome Approve TB Plugin
Company Name:

Conduit
MD5: 47bf89715ba06fceacae0f1ff7f454db
Size: 114 KB
First Published: 2017-09-21 20:05:56 (7 years ago)
Latest Published: 2019-06-21 04:26:30 (5 years ago)
Status: Adware.Conduit (on last analysis)
Analysis Date: 2019-06-21 04:26:30 (5 years ago)

Overview

Signed By: Conduit Ltd.
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%sysdrive%\darren-vaio\backup set 2013-03-17 211812\backup files 2013-03-31 190000\backup files 1.zip\c\users\darren\appdata\local\google\chrome\user data\default\extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.0.562_0
%sysdrive%\darren-vaio\backup set 2013-04-07 204139\backup files 2013-04-07 204139\backup files 1.zip\c\users\darren\appdata\local\google\chrome\user data\default\extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.0.562_0
%localappdata%\google\chrome\user data\profile 1\extensions\mdebcffgnijbblbinknkbefciofebcda\10.15.0.62_0
%sysdrive%\cafrica\j\bobo\backup set 2013-04-07 190011\backup files 2013-04-07 190011\backup files 7.zip\c\users\äöä\appdata\local\google\chrome\user data\default\extensions\kgbcbdejncdpahgapnmkjimfmlipdgdl\10.15.0.562_0
%sysdrive%\cafrica\j\bobo\backup set 2013-04-07 190011\backup files 2013-04-07 190011\backup files 7.zip\c\users\äöä\appdata\local\google\chrome\user data\default\extensions\pielejjfbdmjdfiimgiljjpmlpalgoeg\10.15.0.562_0
%sysdrive%\cafrica\j\bobo\backup set 2013-04-07 190011\backup files 2013-04-07 190011\backup files 7.zip\c\users\äöä\appdata\local\google\chrome\user data\default\extensions\jfjhiccppafcjicfalobggnophliocpp\10.15.0.562_0
%sysdrive%\adwcleaner\quarantine\c\users\owner\appdata\local\torch\user data\default\extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0
%sysdrive%\adwcleaner\quarantine\c\users\brian\appdata\local\google\chrome\user data\default\extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\10.15.0.62_0
%chromeprofile%\extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\10.15.0.62_0
%temp%\scoped_dir_4588_11842\crx_install

File Names:

ChromeApproveTBPlugin.dll
ChromeApproveTBPlugin.dll.vir

Geography:

41.2%
23.5%
17.6%
11.8%
5.9%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x10000000
Entry Address: 0x00006e78

PE Sections:

Name Size of data MD5
.text 72704 6d199d249fe504b3c53b7e31034b1ca3
.rdata 21504 df11e22cea12c76096c98b9165967519
.data 5632 1f382a57a2d6a9904cf5d023160a1629
.rsrc 1536 26aa818af9e26331cbc0b20af253ee1c
.reloc 8192 75038f024758d8e1a0768e00c1ef3e22

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for ChromeApproveTBPlugin.dll.vir
copyright for information about ChromeApproveTBPlugin.dll.vir