Browse to Save

Browse to Save Description

Browse to Save Screenshot 1‘Browse to Save’ is an adware program that will display its own ads on eBay, Amazon, Walmart and other websites. These advertisements will be displayed as boxes including various coupons that are available or as underlined keywords, which when clicked will show an advertisement that claims it is brought to you by ‘Browse to Save’. ‘Browse to Save’ can be installed on the compromised PC by another application that has bundled in its installer the ‘Browse to Save’ adware.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

Web users should always pay attention when installing programs because often, a program installer incorporates optional installs, such as the actual ‘Browse to Save’. PC users should be very careful what they agree to install. They have to always select for the custom installation and deselect anything that is unknown, especially optional applications that they never wanted to download and install on their PCs.

Browse to Save Automatic Detection Tool (Recommended)

Is your PC infected with Browse to Save? To safely & quickly detect Browse to Save we highly recommend you run the malware scanner listed below.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 7zS.sfx.exe 297
    2 %PROGRAMFILES(x86)%\BrowseToSave 297
    3 %PROGRAMFILES%\BrowseToSave 294
    4 %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\Browse2save 265
    5 %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\Barowwsoe2Save 262
    6 %ALLUSERSPROFILE%\Barowwsoe2Save 259
    7 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flncacadcohnglflfbbaajblpbcmhndm 256
    8 %LocalAppData%\Google\Chrome\User Data\Default\Extensions\flncacadcohnglflfbbaajblpbcmhndm 253
    9 Browse2save.lnk 250
    10 %ALLUSERSPROFILE%\BrowseToSave 206

    More files

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}50d35045ee9f9.ocx.50d35045ee9f9.ocxSOFTWARE\Google\Chrome\Extensions\nlfckdlcigopnmbllnkoobmlejebjblmSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E4E81CBD-6726-D85B-ADD4-CEBBCE8D8CB3}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E1CE57A7-0664-0C32-21F3-71302B1586D6}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1CE57A7-0664-0C32-21F3-71302B1586D6}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {54132B7C-E994-948C-D67F-F91400A09989}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {E1CE57A7-0664-0C32-21F3-71302B1586D6}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {E4E81CBD-6726-D85B-ADD4-CEBBCE8D8CB3}SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jgkkcpoognknojmjimfijflnoaglaefcSOFTWARE\Wow6432Node\Google\Chrome\Extensions\nlfckdlcigopnmbllnkoobmlejebjblmSOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseToSave_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseToSave_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E4E81CBD-6726-D85B-ADD4-CEBBCE8D8CB3}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {54132B7C-E994-948C-D67F-F91400A09989}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {E4E81CBD-6726-D85B-ADD4-CEBBCE8D8CB3}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall, value: {C3F3165C-74D3-6FDB-3274-14FDA8698CFA}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {E4E81CBD-6726-D85B-ADD4-CEBBCE8D8CB3}{54132B7C-E994-948C-D67F-F91400A09989}{0379E79A-AB6F-7E35-EB90-9DDEC6115D6A}{E1CE57A7-0664-0C32-21F3-71302B1586D6}
Posted: December 3, 2012 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 2/10
Detection Count: 37,101
Home Malware ProgramsAdware Browse to Save

Leave a Reply

What is 3 + 15 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)