advisor.exe

Belarc Inc

The program is a setup application built with the Wise Installer. The file has been seen being downloaded from gsf-cf.softonic.com.

Publisher:
Belarc, Inc.  (signed by Belarc Inc)

Description:
Belarc Advisor Installer

Version:
8.1.16.7

MD5:
4578572e6fc0080dcfd8909649e085c8

SHA-1:
d2a7bc2e3e4084c163c9f350aaa7d54498b9a5ba

SHA-256:
9f6514c04ec7d1b760dbc0c65b482b8f33c39bf6722c4ba20b1b19d284c5fb37

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2025 4:54:49 PM UTC

File size:
2.3 MB (2,437,792 bytes)

Copyright:
Copyright (c) 2011 Belarc, Inc.

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Common path:
C:\users\{user}\downloads\advisor.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
10/28/2010 8:00:00 PM

Valid to:
10/29/2011 7:59:59 PM

Subject:
CN=Belarc Inc, OU=Secure Application Development, O=Belarc Inc, L=Maynard, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
57DD26EC90E61323C437981C6B0DF9F8

File PE Metadata
Compilation timestamp:
4/8/1999 4:24:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:mzvnXIWc3bCw6ReCitEYwXd4sTg0BhjTZp33EzBenAzQ4G8:+IWqZ6ETeYLsTg6hjTL3K4AzbG8

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, 78, 05, 00, 00, 53, 56, BE, 04, 01, 00, 00, 57, 8D, 85, 94, FD, FF, FF, 56, 33, DB, 50, 53, FF, 15, 34, 20, 40, 00, 8D, 85, 94, FD, FF, FF, 56, 50, 8D, 85, 94, FD, FF, FF, 50, FF, 15, 30, 20, 40, 00, 8B, 3D, 2C, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 8D, 85, 94, FD, FF, FF, 68, 00, 00, 00, 80, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 7B, 01, 00, 00, 8D, 85, 90, FC, FF, FF, 50, 56, FF, 15, 28, 20, 40, 00, 8D, 85, 98, FE, FF, FF, 50, 53, 8D, 85, 90, FC, FF, FF, 68, 10, 30, 40, 00, 50...
 

Entropy:
7.9981

Packer / compiler:
Wise Installer Stub

Code size:
512 bytes

The file advisor.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 

The file advisor.exe has been seen being distributed by the following URL.
