profileviewerssetup.exe

Page loaded installer

rinim

The executable profileviewerssetup.exe, “Deploy Page loaded browsers extension”, has been detected as malware by 27 anti-virus scanners. It is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
rinim (signed and verified)

Product:
Page loaded installer

Description:
Deploy Page loaded browsers extension

Version:
4.1.2.5

MD5:
32a0122c91e2d9db019e2f7fee7392bc

SHA-1:
fa87615c53d831b5cf8767690ad115f5a2fcba2f

SHA-256:
f0685fe2c2d01b92596b7f2ae470d1ff554d61b751b577039a6fac42e3bcb44f

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
4/19/2024 7:57:09 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.9240176 | 915 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2013.11.29 |
| avast! | VBS:Malware-gen | 2014.9-140803 |
| AVG | Clicker | 2015.0.3393 |
| Baidu Antivirus | Trojan.JS.TrojanClicker | 4.0.3.1483 |
| Bitdefender | Trojan.Generic.9240176 | 1.0.20.1075 |
| Comodo Security | TrojWare.Win32.TrojanClicker.Agent.~AAA | 17351 |
| Dr.Web | Trojan.AVKill.30538 | 9.0.1.0215 |
| Emsisoft Anti-Malware | Trojan.Generic.9240176 | 8.14.08.03.06 |
| ESET NOD32 | JS/TrojanClicker.Agent.NDL | 8.9107 |
| Fortinet FortiGate | JS/JSRedir.DO!tr | 8/3/2014 |
| F-Secure | Trojan.Script.488220 | 11.2014-03-08_1 |
| G Data | Trojan.Generic.9240176 | 14.8.22 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.2.2.29 |
| Kaspersky | Trojan-Clicker.Win32.Agent | 14.0.0.3461 |
| Malwarebytes | Spyware.Password | v2014.08.03.06 |
| McAfee | RDN/Generic.dx!cnj | 5600.7049 |
| MicroWorld eScan | Trojan.Generic.9240176 | 15.0.0.645 |
| NANO AntiVirus | Trojan.Win32.AVKill.bvhmmq | 0.28.0.56420 |
| Norman | Troj_Generic.MHSGJ | 11.20140803 |
| nProtect | Trojan.Script.488220 | 13.11.28.02 |
| Panda Antivirus | Trj/CI.A | 14.08.03.06 |
| Sophos | Mal/Generic-S | 4.95 |
| Trend Micro House Call | TROJ_SPNR.02GI13 | 7.2.215 |
| Trend Micro | TROJ_SPNR.02GI13 | 10.465.03 |
| Vba32 AntiVirus | TrojanClicker.Agent | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Clicker | 23818 |

File size:
336.7 KB (344,768 bytes)

Product version:
4.1.2.5

Copyright:
Facebook

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\profileviewerssetup.exe

Digital Signature
Signed by:

Authority:
rinim

Valid from:
12/31/2012 11:00:00 PM

Valid to:
12/31/2018 11:00:00 PM

Subject:
CN=rinim

Issuer:
CN=rinim

Serial number:
3D9394A4D3EC5E8A45B5171E76F8199A

File PE Metadata
Compilation timestamp:
3/29/2013 7:03:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:zvrvJbJYWoGBTEjji3Jwc8yna55uvDybzJs/OdFG+I0Qb5:zLwWoGVEjQJwc8wvmJs2/M0Qb5

Entry address:
0x1F3A0

Entry point:
55, 8B, EC, 81, C4, D0, FE, FF, FF, 53, 56, 57, 33, C0, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, 54, EC, 41, 00, E8, 30, 77, FE, FF, 33, C0, 55, 68, 2D, F5, 41, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, B9, F4, 41, 00, 64, FF, 30, 64, 89, 20, B8, 44, F5, 41, 00, E8, 72, D0, FF, FF, B8, 74, F5, 41, 00, E8, 68, D0, FF, FF, B8, A4, F5, 41, 00, E8, 5E, D0, FF, FF, 8D, 45, EC, 50, 8D, 45, D8, E8, 16, B0, FF, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 0B, 8D, 55, D4, B8, 04, 00, 00, 00, E8, 1F, B6, FF...

Developed / compiled with:
Microsoft Visual C++

Code size:
121.5 KB (124,416 bytes)
