home

SystemAdvisor.exe

SystemAdvisor

PC VITALWARE LLC

This is a setup program which is used to install the application. The file has been seen being downloaded from www.mysystemadvisor.com.
Publisher:
Advanced Tech Support Co  (signed by PC VITALWARE LLC)

Product:
SystemAdvisor

Version:
2.0.5.165

MD5:
ef0b7972245d8e8b3d5a331b45f4ad08

SHA-1:
6c19493d2540bccf4a83f5dfb217f603704c2c0c

SHA-256:
ef69baa8a6844292a0dd2cb9ff790cc7875ee4248e351b56f51d832e1c8eb3ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 12:34:49 AM UTC  (today)

File size:
19.7 MB (20,634,712 bytes)

Product version:
2.0.5.165

Copyright:
Copyright © 2014-2015

Original file name:
SystemAdvisor.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\systemadvisor.exe

Digital Signature
Signed by:
PC VITALWARE LLC

Authority:
thawte, Inc.

Valid from:
2/3/2016 5:00:00 PM

Valid to:
7/9/2016 5:59:59 PM

Subject:
CN=PC VITALWARE LLC, O=PC VITALWARE LLC, L=CORAL SPRINGS, S=FLORIDA, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
57980ACCB1CE5F795730E460EB4E6D7D

File PE Metadata
Compilation timestamp:
2/15/2016 8:33:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
393216:SdP2c/xLH164M4MRbwdj3TogBmkziZsMoIDmp7m42PfulwFUDi0IXE:4PHM7lc9m+iZVo3M42PfHE

Entry address:
0x13A8CCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9540

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
19.7 MB (20,606,464 bytes)

The file SystemAdvisor.exe has been seen being distributed by the following URL.

http://www.mysystemadvisor.com/

Scan SystemAdvisor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.