» chromehost.exe
Overview
Analysis
File Details
Programs (3)

chromehost.exe

ChromeHost

PINWID LTD

The application chromehost.exe by PINWID has been detected as adware by 3 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Muvic Smartbar by Pinwid Ltd. and Snap.Do Engine by ReSoft Ltd., both potentially unwanted software.

File name:

chromehost.exe

Publisher:

PINWID LTD (signed and verified)

Product:

ChromeHost

Version:

1.0.0.0

MD5:

9c9de62fbe89fb94dece949c209ee55e

SHA-1:

968eeb87952dbdb2e5fcffe3649c65998d745f96

SHA-256:

72a15469e2f52eeb576ca927322ee7e8c3757cdc8947f9fe933f2791353cae4a

Scanner detections:

3 / 68

Status:

Adware

Analysis date:

4/25/2024 7:42:59 PM UTC (today)

Scan engine

Detection

Engine version

AVG

MalSign.Pindi

2015.0.3416

Dr.Web

Trojan.AVKill.24016

9.0.1.05190

Reason Heuristics

PUP.PINWID.K

14.7.11.21

File size:

28.5 KB (29,216 bytes)

Product version:

1.0.0.0

Original file name:

Smartbar.Resources.ChromeHost.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\smartbar\application\chromehost.exe

Digital Signature

Signed by:

PINWID LTD

Authority:

COMODO CA Limited

Valid from:

2/4/2014 4:00:00 PM

Valid to:

2/5/2015 3:59:59 PM

Subject:

CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata

Compilation timestamp:

6/15/2014 7:24:29 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:DBkmUMnwaiov/4POhp/TCHOVcZStH5rGil7H3IHBOyJnkB8nhCxYPLg8l48X:lkmJwHovQPup/THRbXIhnxm8MElLX

Entry address:

0x6A2E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.1350

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

19 KB (19,456 bytes)

The file chromehost.exe has been discovered within the following programs.

Muvic Smartbar by Pinwid Ltd.

This adware injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of banners and text-links (roll-overs) as well as some popup ads.

www.browse-search.com/?

80% remove it

Muvic Smartbar Engine by Pinwid Ltd.

This adware program injects advertisements with its affiliate ad providers in order to serve a number of ad types including banner, inline text links and popups.

82% remove it

Snap.Do Engine by ReSoft Ltd.

Snap.

snap.do

83% remove it

Remove chromehost.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.