downloaddrivers.vshost.exe

Microsoft Visual Studio 2010

TLAPIA

Although the file properties name 'Microsoft Corporation' as the developer, this is not the case; the file is designed to look like a legitimate Microsoft system file. The application downloaddrivers.vshost.exe (“vshost32-clr2.exe”) by TLAPIA has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation (signed by TLAPIA)

Product:
Microsoft (R) Visual Studio (R) 2010

Description:
vshost32-clr2.exe

Version:
10.0.30319.1

MD5:
60507b73de96f9beb7d17e399125bfbe

SHA-1:
245496664e4b66dc8dc6df263af03465500dab73

SHA-256:
ad00e2a7d685ef9352e94afd1b2b9cb54b8f70bf01d3dd0a8ec3d05f08a77f36

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 3:16:06 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.TLAPIA (M)

Engine version:
16.3.7.12

File size:
11.8 KB (12,056 bytes)

Product version:
10.0.30319.1

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
vshost32-clr2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\download your driver\downloaddrivers.vshost.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/22/2013 1:00:00 AM

Valid to:
1/23/2014 12:59:59 AM

Subject:
CN=TLAPIA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TLAPIA, L=Montevideo, S=montevideo, C=UY

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
59F70BE7091286E5251B02778D136FF2

File PE Metadata
Compilation timestamp:
3/18/2010 12:02:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:4W7YwxBWAW7dWinYe+PjPprlCcK+vEZr9ZCspE+TMQrUeQ5:4gYuYAW7dWinYPLWcOMeMU0

Entry address:
0x2A7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3 KB (3,072 bytes)
