Should I block it?

98%

Yes, 98% block recommendation.

Possible reasons:

Multiple malware detections

Performance resource utilization

Relationships

Parent process

pal_install_id_r109860_a3000.exe (Paltalk Messenger Setup by Paltalk.com)

Related files

pipinstaller_pltv52.exe

Offercast - APN Install Manager by Ask.com (Signed)

Remove pipinstaller_pltv52.exe

Version:	2.8.0.2
MD5:	3e0c5b4b6663d82ff381425565657bc0
SHA1:	30f68f16d61c883d647e320e03545829f2bb20df
SHA256:	a39ac91b5d9bc217537b69f4c7a96f252e8e995b7cff73da27aa3a81e3c9e48c

Warning 3 antivirus scanners has detected malware.

Overview

pipinstaller_pltv52.exe is malware that executes as a process with the local user's privileges typically within the context of its parent pal_install_id_r109860_a3000.exe (Paltalk Messenger Setup by Paltalk.com). It adds run once key to the current user's profile so that the file will execute the next time the user logs into Windows (it will delete the entry after it runs once). The file is digitally signed by Ask.com which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Windows 7 Professional (6.1.7600.0).

Details

File name:	pipinstaller_pltv52.exe
Publisher:	Ask.com
Product name:	Offercast - APN Install Manager
Typical file path:	C:\users\user\appdata\Local\Temp\nsh6378.tmp\pipinstaller_pltv52.exe
Original name:	AskInstaller.exe
File version:	2.8.0.2
Size:	988.92 KB (1,012,656 bytes)
Build date:	6/19/2013 6:02 PM
Certificate
Issued to:	Ask.com
Authority (CA):	VeriSign
Digital DNA
File packed:	No
.NET CLR:	No

More details

Behaviors

Startup files (user) run once

Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'

'PIP' → C:\users\user\appdata\Local\Temp\nsqD3ED.tmp\PIPInstaller_PLTV52.exe -rb

Malware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.

Antivirus engine	Engine version	Detection
Dr.Web	8.13.10.10	Adware.Downware.1417
ESET NOD32	7.8880	a variant of Win32/Bundled.Toolbar.Ask.D
Malwarebytes	1.75.0.1	PUP.Optional.BundledToolBar.A

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.66234136%	0.028634%
Kernel CPU:	0.08438872%	0.013761%
User CPU:	0.57795264%	0.014873%
Memory
Private (maximum):	18.73 MB
Private (minimum):	18.72 MB

Process properties

Platform:	32-bit
Command lines:	"C:\users\user\appdata\local\temp\nsh6378.tmp\pipinstaller_pltv52.exe" -b -se -ppd 1620 C:\users\user\appdata\local\temp\nsh6378.tmp\pipinstaller_pltv52.exe -b
Owner:	User
Parent processes:	pipinstaller_pltv52.exe (Offercast - APN Install Manager by Ask.com) pal_install_id_r109860_a3000.exe (Paltalk Messenger Setup by Paltalk.com)

Distribution by Windows OS

OS version	distribution
Windows 7 Professional	100.00%

Distribution by PC manufacturer

PC Manufacturer	distribution
MSI	100.00%

Remove Adware and Spyware Programs, FREE Download!