» wxstations.exe
Overview
Analysis
File Details
Programs (1)

wxstations.exe

Windows Win 7 DDK driver

System Alerts LLC

The application wxstations.exe, “Sample LSP Installer” by System Alerts has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Desktop Temperature Monitor by System Alerts LLC which is a potentially unwanted software program.

File name:

wxstations.exe

Publisher:

Windows (R) Win 7 DDK provider (signed by System Alerts LLC)

Product:

Windows (R) Win 7 DDK driver

Description:

Sample LSP Installer

Version:

6.1.7600.16385

MD5:

e20ea8b023b5bb7416c48549c6307baa

SHA-1:

ac95dfe0ac435b3b75652789199c6a73ec32fc8e

SHA-256:

7bab726d58f5912dfa0b33f7c6ec2293713571f301adfbcc136bcc6f7471223a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/23/2024 7:18:55 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.SystemAlerts.Installer (M)

16.1.3.11

File size:

161.2 KB (165,112 bytes)

Product version:

6.1.7600.16385

Original file name:

RegisterLSP.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\desktoptemperature\wxstations.exe

Digital Signature

Signed by:

System Alerts LLC

Authority:

COMODO CA Limited

Valid from:

11/12/2013 6:00:00 PM

Valid to:

11/13/2014 5:59:59 PM

Subject:

CN=System Alerts LLC, O=System Alerts LLC, STREET=250 Park Ave Ste 504, L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D56696E8C583BF7F09BCCC24A2AB8310

File PE Metadata

Compilation timestamp:

6/18/2010 5:47:59 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

3072:WT96QCrt0BHn9NbopVSmKxiZHF8s7VOlVTTK:k8TGHn3UpVSmrNYl5O

Entry address:

0xD4E9

Entry point:

E8, 97, 6A, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 56, E8, CF, 14, 00, 00, 50, E8, 18, 6B, 00, 00, 59, 59, 85, C0, 74, 7C, E8, EB, C3, FF, FF, 83, C0, 20, 3B, F0, 75, 04, 33, C0, EB, 0F, E8, DB, C3, FF, FF, 83, C0, 40, 3B, F0, 75, 60, 33, C0, 40, FF, 05, 20, 6F, 42, 00, F7, 46, 0C, 0C, 01, 00, 00, 75, 4E, 53, 57, 8D, 3C, 85, 30, 6F, 42, 00, 83, 3F, 00, BB, 00, 10, 00, 00, 75, 20, 53, E8, A5, 16, 00, 00, 59, 89, 07, 85, C0, 75, 13, 8D, 46, 14, 6A, 02, 89, 46, 08, 89, 06, 58, 89, 46... 
[+]

Entropy:

6.5653

Code size:

118 KB (120,832 bytes)

The file wxstations.exe has been discovered within the following programs.

Desktop Temperature Monitor by System Alerts LLC

The free version is ad-supported software (also known as adware) web browser plugin that displays advertisements such as coupon ads in the browser that are displayed on web pages that are not associated with the plugin or would not otherwise appear.

desktoptemperaturemonitor.com

74% remove it

Remove wxstations.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.