advisorinstaller.exe

Belarc, Inc.

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from www.belarc.com and multiple other hosts.
Publisher:
Belarc, Inc.  (signed and verified)

Description:
Belarc Advisor Installer

Version:
8.4.0.0

MD5:
9ddb27486a41ab03bd3008eb8991839b

SHA-1:
13240e30fcdc2bf9141b5f494a2db714e2154fb8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 1:26:22 PM UTC  (today)

File size:
3.2 MB (3,331,832 bytes)

Copyright:
Copyright (c) 2013 Belarc, Inc.

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/26/2013 2:00:00 AM

Valid to:
10/29/2014 1:59:59 AM

Subject:
CN="Belarc, Inc.", OU=Secure Application Development, O="Belarc, Inc.", STREET=Two Clock Tower Place, STREET=Suite 520, L=Maynard, S=MA, PostalCode=01754, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
309E929B1D322FAFF801E45E7A62FA08

File PE Metadata
Compilation timestamp:
8/13/2001 8:13:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:vkQsLtnMutu0tqqQjIqbvzQLCBQYZ9Zk7Ey7:vcneWqqzOvzQLCBQG9ZXy7

Entry address:
0x21AF

Entry point:
55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, CC, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 64, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00...
 
[+]

Entropy:
7.9995

Packer / compiler:
Wise Installer Stub

Code size:
8.5 KB (8,704 bytes)

The file advisorinstaller.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file advisorinstaller.exe has been seen being distributed by the following 4 URLs.

http://www.belarc.com/.../advisor.exe

Scan advisorinstaller.exe - Powered by Reason Core Security