tbverifier.dll

Conduit Toolbar Verifier

Conduit Ltd.

The file is part of the Conduit Toolbar platform, a web browser monetization engine that is typically distributed with third-party programs through a bundled installation. This particular version is part of the Conduit Toolbar Verifier bundle. The module tbverifier.dll by Conduit has been detected as a potentially unwanted program by 13 anti-malware scanners. It is set to start automatically when a user logs into Windows, via the current user Run registry key, under the display name ‘ConduitFloatingPlugin_iigplimlmgilpobjilfbfeilnpiigpgl’.
Publisher:
Conduit Ltd.  (signed and verified)

Product:
Conduit Toolbar Verifier

Version:
1.0.4.0

MD5:
5dfc000962e125056b60e78f9988369c

SHA-1:
5c4422b8a162afe9048e367c5b9c1932cca25a9e

SHA-256:
221fbe42e37881ec63c7840b15266c0dabb2c0fdc12d03d12057952bbc7b4926

Scanner detections:
13 / 68

Status:
Potentially unwanted

Explanation:
This component is distributed and installed with the Conduit Toolbar platform.

Analysis date:
1/8/2025 6:46:29 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Toolbar.Conduit | 2015.0.3389 |
| Boost by Reason | Optional.Startup.Conduit.K | 188838 |
| Dr.Web | Adware.Conduit.18 | 9.0.1.042 |
| Emsisoft Anti-Malware | Gen:Adware.SMSHoax | 8.14.02.11.10 |
| ESET NOD32 | Win32/Toolbar.Conduit.AC | 8.9708 |
| Fortinet FortiGate | Riskware/Toolbar_Conduit | 8/7/2014 |
| G Data | Win32.Application.ConduitTB | 14.2.22 |
| Malwarebytes | PUP.Optional.Conduit.A | v2014.08.07.10 |
| NANO AntiVirus | Trojan.Win32.Symmi.ctocxw | 0.28.0.57630 |
| Panda Antivirus | Adware/Conduit | 14.02.11.10 |
| Reason Heuristics | SearchPlugin.ConduitSearchBar.Startup.K | 14.8.7.22 |
| Trend Micro House Call | TROJ_GEN.F47V1221 | 7.2.42 |
| VIPRE Antivirus | Conduit | 25278 |

File size:
280.3 KB (287,008 bytes)

Product version:
1.0.4.0

Copyright:
Copyright © 2013 All Rights Reserved

Original file name:
ConduitF.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\conduit\ct3309350\plugins\tbverifier.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/2/2013 4:00:00 PM

Valid to:
4/3/2016 4:59:59 PM

Subject:
CN=Conduit Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Conduit Ltd., L=Ness Ziona, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3A82654719D8F75B59134F7B66465210

File PE Metadata
Compilation timestamp:
7/8/2013 3:28:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:4RHe7++cp30kuTcp7OI9+ReZPxP9p4FtlPnggx:4R+7+nSkgcpq8+ReZ5P9aDlLx

Entry address:
0x1E27F

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 24, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7, C2, 03, 00, 00, 00, 75, EA, 83, E8, 04, 72, 12, 57, 8B, FB, C1, E3, 08, 03, DF, 8B, FB, C1, E3, 10, 03, DF, EB, 1B, 5F, 83, C0, 04, 74, 0E, 8A, 0A...
 

Entropy:
6.5177

Code size:
209.5 KB (214,528 bytes)

6 Startup Files (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_iigplimlmgilpobjilfbfeilnpiigpgl

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3309350\plugins\tbverifier.dll",runconduitfloatingplugin iigplimlmgilpobjilfbfeilnpiigpgl

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_fdmdjfpocfbldkjgocmihobobmpnckaa

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3277484\plugins\tbverifier.dll",runconduitfloatingplugin fdmdjfpocfbldkjgocmihobobmpnckaa

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_kimdndlhnimhdcchmglaendkednpejjn

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3295548\plugins\tbverifier.dll",runconduitfloatingplugin kimdndlhnimhdcchmglaendkednpejjn

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3298566\plugins\tbverifier.dll",runconduitfloatingplugin fdkednngfjmpnljkolbapdednncafhen

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_cpcidiiiodpbjdkbhldlebfbnidpgaih

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3297947\plugins\tbverifier.dll",runconduitfloatingplugin cpcidiiiodpbjdkbhldlebfbnidpgaih

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConduitFloatingPlugin_oajgghejjpgkmpgbchgjieahoefimdle

Command:
"C:\windows\syswow64\rundll32.exe" "C:\Program Files\conduit\ct3287822\plugins\tbverifier.dll",runconduitfloatingplugin oajgghejjpgkmpgbchgjieahoefimdle

