We received the file CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX and classified it as unwanted software.
CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX is Adware. You should remove the file CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX.
Kill the process CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX and remove CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX from Windows.
Malware Analysis of CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX
Full path on a computer: %Local Appdata%\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx
Detected by UnHackMe:
CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX
Default location: %Local Appdata%\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx
Removal Results: Success
Number of reboots: 1
CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX is known as:
Adware.Conduit (fs)
CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX hash:
- MD5: cfb4e3c0085e7b0bd920eafeca935ab7
The file tries to download information from some web sites.
How to quickly detect the presence of CGIAIKFPLLCHEFOJLNEHLMPEKEOGIHNM.CRX?
Registry:
- HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath: ""%Program Files%\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome"
Folders:
- %Local Appdata%\Conduit\ChromeExtData\cgiaikfpllchefojlnehlmpekeogihnm
Files:
- %Local Appdata%\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx