» 310.90-desktop-win8-win7-winvista-64bit-english-whql.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

310.90-desktop-win8-win7-winvista-64bit-english-whql.exe

NVIDIA Package Launcher

NVIDIA Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from www.nvidiaforceware.fr and multiple other hosts.

File name:

310.90-desktop-win8-win7-winvista-64bit-english-whql.exe

Publisher:

NVIDIA Corporation (signed and verified)

Product:

NVIDIA Package Launcher

Version:

1.0.1

MD5:

fd186332ab54d90b52609a2662134f09

SHA-1:

13187d98a078d2a0a141bc5bccf8ecde659ae744

SHA-256:

47521c0cd016a858b8f98574f1e0696428ebf3bc6ceee2231943718b08a4bfe6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 2:49:08 PM UTC (today)

File size:

169.4 MB (177,652,768 bytes)

Product version:

1.0.1

Original file name:

PackageLauncher.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\310.90-desktop-win8-win7-winvista-64bit-english-whql.exe

Digital Signature

Signed by:

NVIDIA Corporation

Authority:

VeriSign, Inc.

Valid from:

9/2/2011 3:00:00 AM

Valid to:

9/2/2014 2:59:59 AM

Subject:

CN=NVIDIA Corporation, OU=Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NVIDIA Corporation, L=Santa Clara, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

43BB437D609866286DD839E1D00309F5

File PE Metadata

Compilation timestamp:

9/7/2012 6:32:08 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3145728:LNS5e0qrcQGjowTHR0qwOv7kMdUIpeIjm8Dmk4IklfWlwPwnp2uGNnWAHjEKLWfH:ZS5FqwvHM252IjmmmhIi5wp2uGRWkNyP

Entry address:

0x4FE01

Entry point:

E8, 10, B0, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 4C, F9, 48, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, 78, 15, 49, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, A8, 44, 47, 00, 68, 00, 01, 00, 00, 53, FF, 15, 04, 12, 47, 00, 85, C0, 74, 08, 89, 3D, 78, 15, 49, 00, EB, 15, FF, 15, 48, 12, 47, 00, 83, F8, 78, 75, 0A, C7, 05, 78, 15, 49, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1... 
[+]

Entropy:

7.9995 (probably packed)

Code size:

446 KB (456,704 bytes)

The file 310.90-desktop-win8-win7-winvista-64bit-english-whql.exe has been discovered within the following program.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

The file 310.90-desktop-win8-win7-winvista-64bit-english-whql.exe has been seen being distributed by the following 2 URLs.

http://www.nvidiaforceware.fr/fichier/6d3185226a6252d96b0621a8e82ab018/5706530e/.../NVIDIA_GeForce_3_8360.exe

http://us.download.nvidia.com/Windows/.../310.90-desktop-win8-win7-winvista-64bit-english-whql.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.