safeguardbrowser.exe

Alerts LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application safeguardbrowser.exe by Alerts has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Alerts LLC  (signed and verified)

Version:
1.0.0.28

MD5:
b7b0ee25fa65ad25b2f9db448dc00fe3

SHA-1:
4596e179a4dbd2d68a22e129fcf298c1ebeb891b

SHA-256:
4717ea1d269044d05882b511f9a729d32e386fc03fbb14f14dbe48cbb804ddb2

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 7:57:12 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Weather.Alerts (M)

Engine version:
15.10.21.17

File size:
385 KB (394,256 bytes)

Product version:
1.0.0.28

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\safeguard\safeguardbrowser.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/5/2014 10:00:00 AM

Valid to:
6/6/2015 9:59:59 AM

Subject:
CN=Alerts LLC, O=Alerts LLC, STREET="101 Colorado St #2309", L=Austin, S=TX, PostalCode=78701, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A4FE74573C3AAF1867F4DF866A77B161

File PE Metadata
Compilation timestamp:
3/18/2015 8:36:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:5iuSJPM2cw25KxK8QjgVdh0p6NFbgcsuxxXMI0oe9AOg8Breia:5IP0r/sVdh0QTUN5IU9S8Fi

Entry address:
0x20181

Entry point:
E8, 9B, 6A, 00, 00, E9, 89, FE, FF, FF, B8, 66, 77, 42, 00, A3, B8, 3A, 45, 00, C7, 05, BC, 3A, 45, 00, 5C, 6E, 42, 00, C7, 05, C0, 3A, 45, 00, 10, 6E, 42, 00, C7, 05, C4, 3A, 45, 00, 49, 6E, 42, 00, C7, 05, C8, 3A, 45, 00, B2, 6D, 42, 00, A3, CC, 3A, 45, 00, C7, 05, D0, 3A, 45, 00, DE, 76, 42, 00, C7, 05, D4, 3A, 45, 00, CE, 6D, 42, 00, C7, 05, D8, 3A, 45, 00, 30, 6D, 42, 00, C7, 05, DC, 3A, 45, 00, BC, 6C, 42, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, AC, 75, 00, 00, DB...
 

Entropy:
6.3067

Code size:
245 KB (250,880 bytes)
