wxstations.exe

Windows Win 7 DDK driver

System Alerts LLC

The application wxstations.exe, “Sample LSP Installer” by System Alerts has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Desktop Temperature Monitor by System Alerts LLC which is a potentially unwanted software program.
Publisher:
Windows (R) Win 7 DDK provider  (signed by System Alerts LLC)

Product:
Windows (R) Win 7 DDK driver

Description:
Sample LSP Installer

Version:
6.1.7600.16385

MD5:
e20ea8b023b5bb7416c48549c6307baa

SHA-1:
ac95dfe0ac435b3b75652789199c6a73ec32fc8e

SHA-256:
7bab726d58f5912dfa0b33f7c6ec2293713571f301adfbcc136bcc6f7471223a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 12:26:53 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SystemAlerts.Installer (M)
16.1.3.11

File size:
161.2 KB (165,112 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
RegisterLSP.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\desktoptemperature\wxstations.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/12/2013 6:00:00 PM

Valid to:
11/13/2014 5:59:59 PM

Subject:
CN=System Alerts LLC, O=System Alerts LLC, STREET=250 Park Ave Ste 504, L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D56696E8C583BF7F09BCCC24A2AB8310

File PE Metadata
Compilation timestamp:
6/18/2010 5:47:59 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:WT96QCrt0BHn9NbopVSmKxiZHF8s7VOlVTTK:k8TGHn3UpVSmrNYl5O

Entry address:
0xD4E9

Entry point:
E8, 97, 6A, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 56, E8, CF, 14, 00, 00, 50, E8, 18, 6B, 00, 00, 59, 59, 85, C0, 74, 7C, E8, EB, C3, FF, FF, 83, C0, 20, 3B, F0, 75, 04, 33, C0, EB, 0F, E8, DB, C3, FF, FF, 83, C0, 40, 3B, F0, 75, 60, 33, C0, 40, FF, 05, 20, 6F, 42, 00, F7, 46, 0C, 0C, 01, 00, 00, 75, 4E, 53, 57, 8D, 3C, 85, 30, 6F, 42, 00, 83, 3F, 00, BB, 00, 10, 00, 00, 75, 20, 53, E8, A5, 16, 00, 00, 59, 89, 07, 85, C0, 75, 13, 8D, 46, 14, 6A, 02, 89, 46, 08, 89, 06, 58, 89, 46...
 
[+]

Entropy:
6.5653

Code size:
118 KB (120,832 bytes)

The file wxstations.exe has been discovered within the following programs.

Desktop Temperature Monitor  by System Alerts LLC
The free version is ad-supported software (also known as adware) web browser plugin that displays advertisements such as coupon ads in the browser that are displayed on web pages that are not associated with the plugin or would not otherwise appear.
desktoptemperaturemonitor.com
74% remove it
 
Powered by Should I Remove It?

Remove wxstations.exe - Powered by Reason Core Security