home

ar500enu.exe

PackageForTheWeb Stub

Adobe Systems, Incorporated

The program is a setup application that uses the InstallShield Setup installer. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.
Publisher:
InstallShield Software Corporation  (signed by Adobe Systems, Incorporated)

Product:
PackageForTheWeb Stub

Version:
2.02.001

MD5:
ea698fdd033ae1b596877a5a76681a4c

SHA-1:
fcba8a2326bef49da562bf129be168cd11b357e1

SHA-256:
1cffdcfa98f28a9e8cc6515791817f8d14cabe91903848c1552b3bd6d6b4c9bb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:50:18 PM UTC  (today)

File size:
8.4 MB (8,820,072 bytes)

Product version:
2.02.001

Copyright:
Copyright © 1996 InstallShield Software Corporation

Original file name:
STUB32.EXE

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\support\acrobat\ar500enu.exe

Digital Signature
Signed by:
Adobe Systems, Incorporated

Authority:
VeriSign, Inc.

Valid from:
10/22/2000 5:00:00 PM

Valid to:
10/23/2001 4:59:59 PM

Subject:
OU=Acrobat Engineering, CN="Adobe Systems, Incorporated", L=San Jose, S=CA, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:
OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:
4BC7C2D2C67CBB6209EFC7AC7062AE08

File PE Metadata
Compilation timestamp:
3/26/1998 7:31:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
196608:TZFkAvtkMbVOn2AYSr/3C9FYWKrRSVSupLiP2obW8cZ6Hf4rjjcaR:dFkAvtwnjYSWQWuohAPDW8I8+caR

Entry address:
0xC110

Entry point:
55, 8B, EC, 6A, FF, 68, 40, 21, 41, 00, 68, 68, EC, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, A8, 53, 56, 57, 89, 65, E8, FF, 15, 58, A4, 41, 00, 33, D2, 8A, D4, 89, 15, 38, 74, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 34, 74, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 30, 74, 41, 00, C1, E8, 10, A3, 2C, 74, 41, 00, E8, 94, 01, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 39, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00, E8, EA, 27, 00, 00, E8, D5, 27, 00, 00, FF, 15, 5C, A4, 41...
 
[+]

Entropy:
7.9966

Developed / compiled with:
Microsoft Visual C++

Code size:
67.5 KB (69,120 bytes)

The file ar500enu.exe has been discovered within the following programs.

AOL Mail and AIM Gadget  by AOL Inc.
Publisher's description - “With the AOL Mail and AIM Vista Sidebar Gadget your email, instant messages and BuddyList window are always within easy reach right on your desktop. And you don't even have to open up your Web browser or AOLsoftware to get to them.”
www.aol.com
21% remove it
Color iControl  by GretagMacbeth
www.XRite.com
About 6% of users remove it
JCAHPO Learning Systems  by JCAHPO Learning Systems
About 2% of users remove it
Politikens Danskordbog  by Politikens Forlag A/S
www.polforlag.dk
About 6% of users remove it
Politikens Engelsk-Dansk Dansk-Engelsk Ordbog  by Politikens Forlag A/S
About 4% of users remove it
Politikens Nudansk Ordbog  by Politikens Forlag A/S
About 5% of users remove it
Politikens Nudansk Ordbog med etymologi  by Politikens Forlag A/S
About 2% of users remove it
Politikens Tysk-Dansk Dansk-Tysk Ordbog  by Politikens Forlag A/S
About 6% of users remove it
Sonic Encoders  by Sonic Solutions
Sonic encoders is a softwatre that us used in Windows Xp to record movies or burn DVD.
www.sonic.com
21% remove it
 
Powered by Should I Remove It?

The file ar500enu.exe has been seen being distributed by the following 23 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NjI1NjE5NjtzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiMjc0NDg3NzIwM2ExOTA0NDQ0MGQ3ZjFjMDE4MDViN2YiO30=

about:internet

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NDU4NDYyNztzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiNjk0ZTA0MzJiZjAyZDhkZTMxOTE5MDVmMTMyMTQxODMiO30=

http://africainternational.org/.../Reader5.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NTI1ODcxMjtzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiY2I3YzA0NGZhZGQ3MjVkMjUyZGMzOWFhZjJlZTNlYmEiO30=

http://handasa.complot.co.il/.../ar500enu.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3OTE0MTc2MztzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiNGI1NDU3NWVhODI5ZDFkZGY0YzQ5YzdlMmY2OTc0ZjMiO30=

http://www.zmora.org.il/.../ar500enu.exe

http://download-euro.oldapps.com/.../ar500enu.exe

http://147.236.237.215/.../ar500enu.exe

http://147.236.237.225/.../ar500enu.exe

http://www.mgu.bg/drugi/ebooks/mt/.../ar500enu.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ0NjYzNzU5ODtzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiMjc1ZGM5MDA2YTFlMjlhMGE3ZTU2MWQzOGU2NDI3NjAiO30=

http://www.oldapps.com/adobe_reader.php?app=EA698FDD033AE1B596877A5A76681A4C

http://duplicatebill.wasalhr.punjab.gov.pk/.../ar500enu.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQyMDgzNjU3NjtzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiNDhkNzlmZmI2YzZkZTRiNTk1ZGE0N2I4ZTg4Y2IyZTEiO30=

ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/.../ar500enu.exe

http://www.sw-phayao.ac.th/.../ar500enu.exe

http://savealot.storenext.com/retalixrema/HELP/.../ar500enu.exe

http://science.edu.cmu.ac.th/.../ar500enu.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ1MTIxMTgzODtzOjI6ImlkIjtpOjQ3NTQ7czo0OiJmaWxlIjtzOjE3OiI1LjBfYWNyb2JhdDUwLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9hY3JvYmF0LXJlYWRlci01LTAiO3M6NDoicGFzcyI7czozMjoiYzViNzVmMjA0N2Y2MjU3ZmY1NmUyNmI0YzBmZGJjZjciO30=

http://vechi.upg-ploiesti.ro/col/.../ar500enu.exe

https://dbill.ptcl.net.pk/.../ar500enu.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.