Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

28.0.1500.8765 20.00%
25.0.1364.22076 20.00%
25.0.1364.21027 20.00%
25.0.1364.17262 20.00%
25.0.1364.15751 20.00%

Relationships

Child process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegCreateKeyExW, RegQueryValueExW, RegQueryInfoKeyW, RegOpenKeyExW, RegEnumKeyExW, RegCloseKey, OpenProcessToken, GetTokenInformation, CreateProcessAsUserW, GetTraceEnableFlags, GetTraceLoggerHandle, TraceEvent, UnregisterTraceGuids, GetTraceEnableLevel, RegisterTraceGuidsW, RegDisablePredefinedCache, RevertToSelf, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, SetEntriesInAclW, GetSecurityInfo, CreateWellKnownSid, CopySid, LookupPrivilegeValueW, EqualSid, DuplicateToken, DuplicateTokenEx, CreateRestrictedToken, SetThreadToken
kernel32.dll
DllMain
shlwapi.dll
PathRemoveFileSpecW, PathFileExistsW
user32.dll
CreateDesktopW, SetProcessWindowStation, GetThreadDesktop, GetUserObjectInformationW, GetProcessWindowStation, CharUpperW, CreateWindowStationW, CloseDesktop, CloseWindowStation, MessageBoxW
userenv.dll
GetProfileType
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
winmm.dll
timeGetTime
Export table
CrashForException
DumpProcess
DumpProcessWithoutCrash
InjectDumpForHangDebugging
InjectDumpProcessWithoutCrash
SetActiveURL
SetClientId
SetCommandLine2
SetExperimentList3
SetExtensionID
SetGpuInfo
SetNumberOfExtensions
SetNumberOfViews
SetPrinterInfo
SetUserId

browser.exe

Yandex by YANDEX LLC (Signed)

Remove browser.exe
Version:   25.0.1364.21027
MD5:   0e474514bf79ffd3385b0d567770a502
SHA1:   d99ee04e6fb2f861b544fe006c9f15f31736cb61

Overview

browser.exe executes as a process with the local user's privileges. It adds run once key to the current user's profile so that the file will execute the next time the user logs into Windows (it will delete the entry after it runs once). It is installed with a couple of know programs including Yandex published by Yandex, Yandex from Yandex and Yandex by Yandex. The file is digitally signed by YANDEX LLC which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:browser.exe
Publisher:YANDEX LLC
Product name:Yandex
Typical file path:C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe
File version:25.0.1364.21027
Size:1.27 MB (1,332,528 bytes)
Build date:8/5/2013 12:22 PM
Certificate
Issued to:YANDEX LLC
Authority (CA):VeriSign
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Yandex
 Yandex
1% remove
The software is typically bundled with third party installers such as Open Candy. "Offer your users Yandex Elements for fast access to Yandex search, visual bookmarks, and much more. Note: Sets homepage, search default, and new tab to Yandex search."

BehaviorsBehaviors

Shell open commands
  • ftp
  • mailto
  • https
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'Application Restart #0' → C:\users\user\appdata\Local\Yandex\YandexBrowser\Application\browser.exe --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --disable-ssl-false-start --disable-client-s
Network connections
  • [TCP] ec2-176-34-233-223.eu-west-1.compute.amazonaws.com (176.34.233.223:443)
  • [TCP] server-46.45.153.6.as42926.net (46.45.153.6:7679)

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00454397%
    0.028634%
    Kernel CPU:0.00188968%
    0.013761%
    User CPU:0.00265428%
    0.014873%
    Kernel CPU time:400,632,854 ms/min
    100,923,805ms/min
    Context switches:725/sec
    284/sec
    Memory
    Private memory:82.2 MB
    21.59 MB
    Private (maximum):105.77 MB
    Private (minimum):43.63 MB
    Non-paged memory:82.2 MB
    21.59 MB
    Virtual memory:298.99 MB
    140.96 MB
    Virtual memory (peak):321.54 MB
    169.69 MB
    Working set:92.62 MB
    18.61 MB
    Working set (peak):115.51 MB
    37.95 MB
    Resource allocations
    Threads:18
    12
    Handles:437
    600
    GUI GDI count:116
    103
    GUI GDI peak:121
    142
    GUI USER count:24
    49
    GUI USER peak:27
    71

    BehaviorsProcess properties

    Integrety level:Untrusted
    Platform:64-bit
    Command lines:
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=renderer --lang=tr --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 --disable-client-side-phishing-detection --brand-id=tb --help-url=httC://yardim.yandex.com.tr/yabrowser/ --user-agent-info --channel="1716.14.1534638901\297677933" /prefetcC:3
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=renderer --lang=tr --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 --disable-client-side-phishing-detection --brand-id=tb --help-url=httC://yardim.yandex.com.tr/yabrowser/ --user-agent-info --channel="1716.13.382696973\1452469941" /prefetcC:3
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=gpu-process --channel="1716.4.2074989535\1291804497" --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0a20 --gpu-driver-vendor=nvidia --gpu-driver-version=9.18.13.3165 --ignored=" --type=renderer " --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 /prefetcC:12
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=renderer --lang=tr --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 --extension-process --disable-client-side-phishing-detection --brand-id=tb --help-url=httC://yardim.yandex.com.tr/yabrowser/ --user-agent-info --channel="1716.2.1160243746\571926307" /prefetcC:3
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=renderer --lang=tr --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 --extension-process --disable-client-side-phishing-detection --brand-id=tb --help-url=httC://yardim.yandex.com.tr/yabrowser/ --user-agent-info --channel="1716.1.368976087\1936368972" /prefetcC:3
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" httC://www.anasayfa.im/?utm_source=masaüstü&utm_medium=tbm&utm_campaign=cfp
    • "C:\users\user\appdata\local\yandex\yandexbrowser\application\browser.exe" --type=plugin --plugin-path="C:\users\user\appdata\local\yandex\yandexbrowser\application\25.0.1364.21027\plugins\npswf32_11_8_800_94.dll" --lang=tr --channel="1716.5.1896092763\768355170" --user-id=34ae539f-7b2f-49c4-83bf-026fef2a13c2 /prefetcC:4
    • (7 more)
    Owner:User
    Parent process:browser.exe (Yandex by YANDEX LLC)

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Ultimate 60.00%
    Windows 7 Professional 20.00%
    Microsoft Windows XP 20.00%

    Distribution by countryDistribution by country

    Turkey installs about 40.00% of Yandex.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Acer 100.00%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE