home

safeguard.exe

Alerts LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application safeguard.exe by Alerts has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Alerts LLC  (signed and verified)

MD5:
c9eedd1e6b2b63987622373179a774e1

SHA-1:
24304b750429e834678d4ed2d9110a523f3f8159

SHA-256:
66ed7892f2b0bb53d586fe636113382d61f6be0909d9d23c1982b347956e59a0

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 8:22:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Weather (M)
17.1.28.11

File size:
229.5 KB (235,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\safeguard\safeguard.exe

Digital Signature
Signed by:
Alerts LLC

Authority:
COMODO CA Limited

Valid from:
6/4/2014 6:00:00 PM

Valid to:
6/5/2015 5:59:59 PM

Subject:
CN=Alerts LLC, O=Alerts LLC, STREET="101 Colorado St #2309", L=Austin, S=TX, PostalCode=78701, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A4FE74573C3AAF1867F4DF866A77B161

File PE Metadata
Compilation timestamp:
3/17/2015 1:38:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

Entry address:
0xB40E

Entry point:
6C, 00, 65, 00, 73, 00, 5C, 00, 43, 00, 6F, 00, 6E, 00, 74, 00, 65, 00, 6E, 00, 74, 00, 2E, 00, 49, 00, 45, 00, 35, 00, 5C, 00, 41, 00, 51, 00, 52, 00, 45, 00, 30, 00, 36, 00, 4D, 00, 39, 00, 5C, 00, 6C, 00, 5B, 00, 33, 00, 5D, 00, 2E, 00, 6A, 00, 73, 00, 2E, 00, 2E, 00, 2E, 00, 0D, 00, 0A, 00, 34, 00, 2F, 00, 31, 00, 39, 00, 2F, 00, 32, 00, 30, 00, 31, 00, 35, 00, 20, 00, 39, 00, 3A, 00, 32, 00, 35, 00, 3A, 00, 30, 00, 34, 00, 20, 00, 41, 00, 4D, 00, 09, 00, 20, 00, 20, 00, 2D, 00, 2D, 00, 3E, 00, 20, 00...
 
[+]

Entropy:
6.3842

Code size:
37.5 KB (38,400 bytes)

Remove safeguard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.