Chr0mium Browser
Posted: February 29, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 1/10 |
---|---|
Infected PCs: | 347 |
First Seen: | February 29, 2016 |
---|---|
Last Seen: | June 6, 2022 |
OS(es) Affected: | Windows |
The Chr0mium Browser is a Potentially Unwanted Program that may redirect you to an unwanted site when you search the Web. Although sites promoted by this PUP have yet to acquire any concrete evidence of wrongdoing, the Chr0mium Browser's installers may install the Chr0mium Browser automatically or include this product in bundles with other software. For most Web surfers, malware experts recommend uninstalling a Chr0mium Browser with help from their dedicated PC security software, along with clearing all relevant Web-browsing settings.
A Behind the Scenes Browser Swap
Chrome's successful capturing of roughly two-thirds of the Web-browsing market has come with the gradual development of drawbacks that capitalize on its popularity. While malware experts most often point out new samples of adware and search engine hijackers specializing in changing Chrome, other software developers may take different approaches. One of the most blatantly invasive of these alternative strategies is replacing the Chrome browser in its entirety with a clone, as can be noted with the January's Chroomium Browser, the Ghokswa Browser and, months later, the Chr0mium Browser.
After installing itself, the Chr0mium Browser may reset your default browser to itself. Other than providing all the standard services and features of any other browser based on the Chromium project, the Chr0mium Browser also may redirect all Web searches to Chr0mium.com. PC users should note that that website is not the official Chromium domain, which is Chromium.org (with no zero).
Because the Chr0mium Browser also may override your default Chrome browser, rather than making modifications to it, you also may experience problems with accessing bookmarks or user settings. Most PC users may be unable to log in to their Google accounts through the Chr0mium Browser, and can't use features related to Google's account synchronization (such as auto-completing text fields).
Getting that Old Chrome Shine Back
By providing visual continuity between your original Chrome browser and itself, the Chr0mium Browser may trick its users into believing that no new programs are installing themselves. At the same time, the Chr0mium Browser may reroute traffic to a website that otherwise has no marketing or other means of garnering new Web page 'hits.' Malware experts may have found no clear evidence of threatening intent on the part of Chr0mium.com's content creators, but that domain's likely involvement in deceiving Web surfers should lead to taking any recommended content it provides with a large grain of salt.
Blocking scripts and keeping your browser fully patched are two of the simplest ways of preventing corrupted Web pages from harming your PC with minimal effort. For actually removing a Chr0mium Browser, you should disconnect your PC from the Internet, restart it with the Safe Mode option selected, and run a full scan with any software capable of detecting parasites such as adware, browser hijackers and other PUPs. When you've restored Chrome (or any alternative) as your preferred browser, check the Web-browsing settings such as your browser's cache, and your Hosts file, for other changes that might have implement themselves with the intent of controlling which websites you visit.
Unfortunately, the Chr0mium Browser operates as evidence that even massive success in the software industry comes with problems, such as an increasing demand for copycats.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%PROGRAMFILES(x86)%\chr0mium Browser\chr0mium\bin\browserServer.exe
File name: browserServer.exeSize: 506.74 KB (506744 bytes)
MD5: 9b499c3477930879b2cd23f1330585d8
Detection count: 49
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\chr0mium Browser\chr0mium\bin
Group: Malware file
Last Updated: May 13, 2020
Registry Modifications
Regexp file mask%WINDIR%\System32\Tasks\chr0miumBrowserUpdateUA%WINDIR%\System32\Tasks\chr0miumCheckTaskHKEY..\..\..\..{RegistryKeys}Software\chr0miumSoftware\Classes\chr0miumHTMSOFTWARE\Clients\StartMenuInternet\chr0miumSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chr0miumBrowserUpdateUASOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chr0miumCheckTaskSOFTWARE\RegisteredApplications\chr0miumSOFTWARE\Wow6432Node\chr0miumSOFTWARE\Wow6432Node\Clients\StartMenuInternet\chr0miumSOFTWARE\Wow6432Node\RegisteredApplications\chr0mium