Join FYERS Community to pick others' brains on Trading/Investing
Kaspersky raises false alarm; you can ignore it. To make sure file is not infected you can scan it with Windows Defender, Avast, Avira, Bitdefender, Panda, McAfee, TrendMicro, Symantec or any other antivirus... it should pass the test.
Scan the file using https://www.virustotal.com/gui/34
@Prosenjit Ghosh16 @Jerome J14
Hi!
APIBridge extension follows ExtensionInstallSources policy of Google Chrome. Setting this policy specifies which URLs may install extensions, apps, and themes. You can read more about it here https://chromeenterprise.google/policies/?policy=ExtensionInstallSources20
APIBridge extension adheres to the policy. Google Chrome earlier didn't use to display this message, with their Chrome 73 update in 2019 they have started stating group policies configured for the browser.
Malware can also use Chrome policies to force install a malicious extension, disable Safe Browsing, or configure other unwanted behavior. It does this by configuring the ExtensionInstallForcelist and adding a list of extension IDs and the location they should be installed from or any other way. This does not happen with the APIBridge extension.
If Chrome is saying it is "Managed by your organization", you should go to the chrome://policy page to see what policies are configured on your computer.
On this page, Chrome will display all configured policies, which when clicked on, go to a support page that explains what that policy does. If you find that the policy is being used for malicious purposes or you do not need it, you can go to the Registry keys and look for the associated policy.
APIBridge extension is not malicious, it follows Chrome policy. It can also be noticed that APIBridge extension only accesses tradingview.com24, which can also be managed by you.
Trojan:Win32/Zpevdo.B
I have opened support ticket. You need to look into it asap. Apibridge.exe file has been deleted as a part of cleanup by windows defender.