home

protectiumbrowser.exe

Protectium

PINWID LTD

The application protectiumbrowser.exe by PINWID has been detected as adware by 10 anti-malware scanners.
Publisher:
PinWid  (signed by PINWID LTD)

Product:
Protectium

Version:
34.0.1814.0

MD5:
3b57c27a9fa49f91af29353ea2c5b2ef

SHA-1:
10775223731ff062d39ceeef63d7a28395f8b873

SHA-256:
f272c5b12beb2abf16ba9bd179efb57241699befbfab6d75070e95cd80f92584

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
4/25/2024 6:03:10 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Smartbar.V
729

AVG
Pindi
2016.0.3207

Bitdefender
Adware.Smartbar.V
1.0.20.180

Emsisoft Anti-Malware
Adware.Smartbar.V
8.15.02.05.01

F-Secure
Adware.Smartbar.V
11.2015-05-02_5

G Data
Adware.Smartbar
15.2.24

MicroWorld eScan
Adware.Smartbar.V
16.0.0.108

nProtect
Adware.Smartbar.V
15.01.23.01

Reason Heuristics
PUP.Resoft
15.2.5.13

VIPRE Antivirus
Adware.Smartbar
36940

File size:
30.2 MB (31,677,336 bytes)

Product version:
34.0.1814.0

Copyright:
Copyright 2014 The Protectium Authors. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\application data\packer\files\protectiumbrowser\protectiumbrowser.exe

Digital Signature
Signed by:
PINWID LTD

Authority:
COMODO CA Limited

Valid from:
2/4/2014 6:00:00 PM

Valid to:
2/5/2015 5:59:59 PM

Subject:
CN=PINWID LTD, O=PINWID LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46733, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D9AC9FC9A1B1E8FD63013E3CCE7B0578

File PE Metadata
Compilation timestamp:
7/22/2014 12:19:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:wPs/O0FobHYByNT+Iv0l+TzSnT7ZG1A5Xlyt6n8q5uawXB49:anMkKyNT+I7TuT7AcP8Me

Entry address:
0x2ED0

Entry point:
6A, 00, FF, 15, 9C, 10, 40, 00, 50, E8, A2, FE, FF, FF, 83, C4, 04, 50, FF, 15, 98, 10, 40, 00, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 56, 8B, 75, 0C, 8D, 04, 36, 39, 45, 14, 77, 05, 32, C0, 5E, 5D, C3, 8B, 55, 10, 33, C9, 33, C0, 66, 89, 0C, B2, 85, F6, 74, 3C, 53, 57, 8B, 7D, 08, EB, 06, 8D, 9B, 00, 00, 00, 00, 8A, 0C, 38, 0F, B6, D9, 0F, BE, C9, C1, EB, 04, 66, 8B, 1C, 5D, 20, 16, 40, 00, 83, E1, 0F, 66, 89, 1C, 82, 66, 8B, 0C, 4D, 20, 16, 40, 00, 66, 89, 4C, 82, 02, 40, 3B, C6, 72, D3, 5F, 5B, B0...
 
[+]

Entropy:
8.0000

Packer / compiler:
FASM v1.3x

Code size:
10 KB (10,240 bytes)

Remove protectiumbrowser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.