home

195938.exe

Windows Live

Microsoft Corporation

This is a setup and installation application. This file is installed with the program Windows Live Essentials. The file has been seen being downloaded from wl.dlservice.microsoft.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Live

Description:
Windows Live Installer

Version:
15.4.3538.0513

MD5:
bf675c4699219cb14ff26cb59a6f3a13

SHA-1:
1f7c87b8aa80126b1b3f089d9e4d710dc69f849d

SHA-256:
5e1a45e23394dfdb76451ff4b25e245c7e98b1a9e7628e0ddfbce37fbadb2ef6

Scanner detections:
1 / 68

Status:
Clean  (1 false positive detection)
Whitelisted (by digital signature)

Analysis date:
11/15/2024 5:02:57 AM UTC  (today)

Scan engine
Detection
Engine version

XVirus List
Win.Detected
2.3.31

File size:
1.2 MB (1,287,016 bytes)

Product version:
15.4.3538.0513

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
wlsetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\allmyapps\install\195938.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
2/21/2011 9:53:12 PM

Valid to:
5/21/2012 10:53:12 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6101B29B000000000015

File PE Metadata
Compilation timestamp:
5/14/2011 12:21:08 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:dgTcTKkGwxkK2m97gq0h1/aMM70icywa1sPWb5IsEi0cFBNk1f:2iFGwHe/at0ve2PWm6hkp

Entry address:
0x34D2A

Entry point:
E8, 49, 38, 00, 00, E9, 74, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 5D, E9, 5D, 03, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 51, C7, 01, 00, 4F, 40, 00, E8, BC, 38, 00, 00, 59, C3, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, DE, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, C2, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, F7, 38, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B...
 
[+]

Code size:
922.5 KB (944,640 bytes)

The file 195938.exe has been discovered within the following program.

Windows Live Essentials  by Microsoft Corporation
Windows Live Essentials is a suite of freeware applications by Microsoft that aims to offer integrated and bundled e-mail, instant messaging, photo-sharing, blog publishing, and security services.
explore.live.com/windows-live-essentials
10% remove it
 
Powered by Should I Remove It?

The file 195938.exe has been seen being distributed by the following 40 URLs.

http://wl.dlservice.microsoft.com/download/8/4/2/842B8F5F-138A-49A9-B162-131344A2546B/.../wlsetup-web.exe

http://download.informer.com/.../wlsetup-web.exe

http://www.techspot.com/downloads/downloadnow/.../?evp=549a6039e123089f308d8b500f93f1e4&file=2

https://docs.google.com/uc?authuser=0&id=0B1gCIyhBxM6HaF8tT0xmSmgwVzA&export=download

http://gsf-cf.softonic.com/1f7/c87/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28566&instance=softonic_en&type=PROGRAM&Expires=1438046223&Signature=eOAjtjJCt8xvv2G2GPiSJPwfeYcBQVZlcdIGolh-14JieP-JV8A0NKqdqPWCez8SZuJdy2ff7YPf8QkvmV3g01AXY~0f3yu2WUunDCbpTXU9O9HvrC3PG-mLnQX9KUwgeQeuCvif3zs14VzXooooGWa85uqkWEdspySjxoU3jLY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://wl.dlservice.microsoft.com/download/1/9/4/194B1919-A211-441F-BC0E-34F6B533B876/.../wlsetup-web.exe

http://download.freedownloadmanager.org/Windows-PC/.../FREE-14.0.7172.5000.html?ace4f

http://click.linksynergy.com/deeplink?id=je6NUbpObpQ&mid=24542&u1=iqpu6klyns012cq702e0q&murl=http://go.microsoft.com/fwlink/.../?LinkID=255475

https://onedrive.live.com/download.aspx?cid=516E46E2896C40BA&resid=516E46E2896C40BA!755&canary=z/.../1cX8HTrqprWNW0HDP3fK7Ank7yukM=3&ithint=.exe

https://download.microsoft.com/download/2/C/7/.../wlsetup-web.exe

http://i_ine-hn-org_windows-live-messenger.fiworatereuy.com/crawled_soft/2/5/.../25309-665529-windows-live-messenger.exe

http://fs12.filehippo.com/3172/.../wlsetup-web.exe

http://i_ine-hn-org_windows-live-messenger.fkiloredibo.com/crawled_soft/2/5/.../25309-665529-windows-live-messenger.exe

http://microsoft-office-outlook-connector.software.informer.com/.../

http://go.microsoft.com/fwlink/.../?LinkID=255475

http://fs31.filehippo.com/4725/.../wlsetup-web.exe

http://download.s32cdn.com/37/361658/.../wlsetupweb.exe

https://docs.google.com/uc?authuser=0&id=0B0NRFi_R1mlwcE5LOWp3U0ZZM2s&export=download

http://download.microsoft.com/download/C/E/4/.../wlsetup-web.exe

http://download.soft32.net/19/187295/.../wlsetupweb.exe

http://gsf-cf.softonic.com/1f7/c87/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28566&instance=softonic_en&type=PROGRAM&Expires=1435459613&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=BOg0QFcQyXveNz3~7QwSBJzeOJgSi7hgr4MZ3iMrCDSuQd1ZlZXRq~lk~bNup3wmoAxvxIJyadddsc00czX7H8vM4Kv5B2R3-1TUYJ~M1qXmcL~boaMMmA4f6S9FghjYACUuIpB3LmuxDui6gO2sK8iii6tIkbl~8CTY~rxwxVg_&filename=wlsetup-web.exe

http://windows-live-movie-maker.soft32.com/get/file/id/.../?gclid=CMe-w8n5vbICFSWoPAod_BkA5gno_download_manager=true

http://files.freetrialdownload.com/37/361658/.../wlsetupweb.exe

http://download.informer.com/.../wlsetup-web.exe

http://g.live.com/1rewlive5-web/.../wlsetup-web.exe

http://windows-live-movie-maker.soft32.com/get/file/id/.../

http://download.soft32.net/37/361658/.../wlsetupweb.exe

http://windows-live-movie-maker.soft32.com/get/file/id/.../?no_download_manager=true

https://download.microsoft.com/download/C/5/B/.../wlsetup-web.exe

http://download.itnt.netdna-cdn.com/19/187295/.../wlsetupweb.exe

Latest 30 of 40 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.