ausetup.exe

Absolute Uninstaller

Glarysoft Ltd

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from downloader-ams1.disk.yandex.com.tr and multiple other hosts.
Publisher:
Glarysoft.com   (signed by Glarysoft Ltd)

Product:
Absolute Uninstaller

Description:
Absolute Uninstaller Setup

Version:
2.9.0.722

MD5:
66c78b021dab88dc02698879c41a94d2

SHA-1:
da2b21f083ecc9d4fff3daa4a87a8bbbdc1d113c

SHA-256:
390597737813b40fff0ff86fb26e1bf50d41193df34fce63a1ec9dd094113508

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 11:25:51 AM UTC  (today)

File size:
1.7 MB (1,775,808 bytes)

Product version:
2.9.0.722

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ausetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
10/31/2012 8:00:00 PM

Valid to:
12/1/2015 6:59:59 PM

Subject:
CN=Glarysoft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Glarysoft Ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ABBA622E23F817B27D68D43E6E39093

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:oa8ndr1C48xYUmXZclx2cxbvsPAE6EKKTkD59ia:l4dr848zmJM4AE6ka

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9852  (probably packed)

Code size:
37 KB (37,888 bytes)

The file ausetup.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file ausetup.exe has been seen being distributed by the following 9 URLs.

Scan ausetup.exe - Powered by Reason Core Security