home

Installer.exe

This is the uninstaller utility registered in the Windows Control Panel for the program BrowserSafeguard by Browsersafeguard. The file has been seen being downloaded from install.browsersafeguard.com and multiple other hosts a web site host known to distribute potentially unwanted software operated by Optimum Installer.
Version:
1.0.0.0

MD5:
b95253cb9218f42147407b7e6cfea406

SHA-1:
efa1fdc873d99188c077116d19d2f0c0b9abc07a

SHA-256:
c3264063ac7521c5dd910c674adb7f95339baaaf6e1ec14ed017022860632218

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
2/24/2025 11:11:47 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

AVG
Generic5
2015.0.3606

Bkav FE
W32.Clod932.Trojan
1.3.0.4613

Comodo Security
ApplicUnwnt
17598

McAfee
Adware-Bsafeg!B95253CB9218
5600.7262

Panda Antivirus
Suspicious file
14.01.02.02

Trend Micro House Call
TROJ_GEN.R0CCH06K713
7.2.2

VIPRE Antivirus
Adware.Bsafeg
25350

File size:
2.2 MB (2,341,888 bytes)

Product version:
1.0.0.0

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\installer.exe

File PE Metadata
Compilation timestamp:
7/31/2013 5:15:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:w7jdMpcuS+INxEQjST78ODWN4Y9tWCNYWSv:sjmcuS+INWxymYO

Entry address:
0x22E9EE

Entry point:
FF, 25, FC, E9, 62, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, E9, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 64, 7E, F9, 51, 00, 00, 00, 00, 02, 00, 00, 00, 79, 00, 00, 00, 20, EA, 22, 00, 20, CC, 22, 00, 52, 53, 44, 53, 39, 34, 79, 97, 8A, 33, E3, 45, AC, 9F, 8E, 24, 81, 97, 7F, 27, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 64, 6D, 69, 6C, 6C, 65, 72, 5C, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 50, 72, 6F, 6A, 65, 63, 74, 73, 5C, 49, 6E, 73, 74, 61, 6C, 6C, 65, 72, 73, 5C, 42, 72, 6F, 77, 73, 65, 72...
 
[+]

Entropy:
7.1062

Code size:
2.2 MB (2,280,448 bytes)

Program Uninstaller
Program name:
BrowserSafeguard

Display publisher:
Browsersafeguard

Uninstall string:
"C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe" /u /UserID=0a813ba5-fdad-47c0-afb1-d06b4d7ff3f9 /SourceID=slice_iewin732 /ImplementationID=browsersafeguard-ptn


The file Installer.exe has been discovered within the following program.

BrowserSafeguard  by Adknowledge, Inc.
RocketTab is licensed by Rich River Media but typically bundled with BrowserSafeguard, the software is distributed through numerous adware bundlers including optimum-installer, FUSION INSTALL and Tint Installer.
www.browsersafeguard.com
80% remove it
 
Powered by Should I Remove It?

The file Installer.exe has been seen being distributed by the following 2 URLs.

http://install.browsersafeguard.com/.../installer.exe

http://i.vertitechnologygroup.com/inst/software/12D115FB-8057-42DD-A59D-423FE173442A/.../installer.exe

Scan Installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.