windows_7_update.exe

FUSION INSTALLER

This adware bundler is distributed through Adknowledge's advertising-supported software managers. The application windows_7_update.exe, “Premium Installer” by FUSION INSTALLER, has been detected as adware by 15 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. It installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Premium Installer   (signed by FUSION INSTALLER)

Product:
Premium Installer

Description:
Premium Installer

Version:
2.4.8.1

MD5:
ce315feec5306129309f360656ad561c

SHA-1:
79b9450dc82437a37d8b99ed8e6f2072b5d83801

SHA-256:
75eac5150f5685f2f4e75d3d4b5644fd28e8983d210b56ed3054c934ae6121dd

Scanner detections:
15 / 68

Status:
Adware

Explanation:
This installer bundles various adware programs that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
5/1/2024 2:25:39 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AVG | Generic | 2015.0.3463 |
| Comodo Security | Application.Win32.iBryte.WRP | 18321 |
| ESET NOD32 | Win32/AdWare.iBryte.AF application | 7.0.302.0 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2014-25-05_1 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3812 |
| Malwarebytes | | v2014.05.25.04 |
| Panda Antivirus | | 14.05.25.04 |
| Qihoo 360 Security | Malware.QVM10.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.Installer.FUSIONINSTALLER.Q | 14.5.25.16 |
| VIPRE Antivirus | Threat.4778314 | 29560 |

File size:
227.3 KB (232,744 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 Premium Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\Program Files\malware\comodowebinspector\windows_7_update.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/3/2013 7:00:00 PM

Valid to:
9/20/2014 6:59:59 PM

Subject:
CN=FUSION INSTALLER, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=FUSION INSTALLER, L=Kansas City, S=Missouri, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
21DB9738D9B500E3DAF0570B5DA9E8B9

File PE Metadata
Compilation timestamp:
5/25/2014 12:00:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:IMLNOiKO0jV0HX+o5EtnbQqaAKWrND9V2lHUJiFmEAI2Keop35NqpEo:IaOiKO0adqtbQqIW1EH5zdrqpEo

Entry address:
0x10E97

Entry point:
E8, 30, 53, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 44, A2, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 38, A0, 42, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 

Entropy:
6.3585

Code size:
160.5 KB (164,352 bytes)
