home

LWEMon.exe

Logitech Gaming Software

Logitech

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Start WingMan Profiler’.
Publisher:
Logitech Inc.  (signed by Logitech)

Product:
Logitech Gaming Software

Description:
Logitech WingMan Event Monitor

Version:
5.10.127

MD5:
2ce84ca894754965381b2c2421106136

SHA-1:
f7fca783f65c2f6b8efa0dda43c2c0aa426e592e

SHA-256:
c5b5a5fa6b6ecc5d806a5c774e38ce9529fd5908342c6851ba1ff1180e05ddeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:50:02 AM UTC  (today)

File size:
150.1 KB (153,672 bytes)

Product version:
5.10.127

Copyright:
© 1999-2010 Logitech. All rights reserved.

Trademarks:
Logitech, the Logitech logo, and other Logitech marks are owned by Logitech and may be registered. All other trademarks are the property of their res

Original file name:
LWEMon.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\logitech\gaming software\lwemon.exe

Digital Signature
Signed by:
Logitech

Authority:
VeriSign, Inc.

Valid from:
12/1/2009 3:00:00 AM

Valid to:
1/18/2012 2:59:59 AM

Subject:
CN=Logitech, OU=Gaming, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Logitech, L=Fremont, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
786F9512D3157EFD9BA4476044E54D1E

File PE Metadata
Compilation timestamp:
6/15/2010 1:59:28 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:aVqpB9/rpYk8vXcYZ8O2A3xgdLOkUHVHtXrc9eDPqmuSG1qSrs0fc9lA:vB8vsYLxIOkUHVHtXznBEs0gA

Entry address:
0x9547

Entry point:
E8, BE, F7, FF, FF, E9, 3A, FD, FF, FF, 53, 8A, 5C, 24, 08, F6, C3, 02, 56, 8B, F1, 74, 24, 57, 68, EA, 99, 40, 00, 8D, 7E, FC, FF, 37, 6A, 0C, 56, E8, 51, 01, 00, 00, F6, C3, 01, 74, 07, 57, E8, FC, F7, FF, FF, 59, 8B, C7, 5F, EB, 13, E8, 63, 04, 00, 00, F6, C3, 01, 74, 07, 56, E8, E6, F7, FF, FF, 59, 8B, C6, 5E, 5B, C2, 04, 00, 6A, 14, 68, 20, E5, 40, 00, E8, 72, 03, 00, 00, FF, 35, 68, 2B, 41, 00, 8B, 35, 20, B6, 40, 00, FF, D6, 59, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 24, B6, 40, 00, 59...
 
[+]

Entropy:
6.7620

Code size:
39 KB (39,936 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Start WingMan Profiler

Command:
C:\Program Files\logitech\gaming software\lwemon.exe \noui


Scan LWEMon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.