home

LWEMon.exe

Logitech Gaming Software

Logitech

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Start WingMan Profiler’.
Publisher:
Logitech Inc.  (signed by Logitech)

Product:
Logitech Gaming Software

Description:
Logitech WingMan Event Monitor

Version:
5.06.192

MD5:
6968752dcf4bf1e7adf7b422a94e7875

SHA-1:
55aeca865a41a3f878c37f0c9164605ede1acad2

SHA-256:
af08ba4682d9ed976315e6d19bc95ffe3b4244518ec4e6bb31f9c9c539c8b90a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:50:51 PM UTC  (a few moments ago)

File size:
129.5 KB (132,616 bytes)

Product version:
5.06.192

Copyright:
© 1999-2009 Logitech. All rights reserved.

Trademarks:
Logitech, the Logitech logo, and other Logitech marks are owned by Logitech and may be registered. All other trademarks are the property of their res

Original file name:
LWEMon.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\logitech\gaming software\lwemon.exe

Digital Signature
Signed by:
Logitech

Authority:
VeriSign, Inc.

Valid from:
1/18/2008 1:00:00 AM

Valid to:
1/18/2010 12:59:59 AM

Subject:
CN=Logitech, OU=Gaming, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Logitech, L=Fremont, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
45405545AD8A4FFCCDE8072FAF454711

File PE Metadata
Compilation timestamp:
6/11/2009 7:38:32 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:1aWgIpfksRzVir1MK0QAuMlm2tOz6HGz9MuzVo:Bfkcg6HlEKOz6HG6t

Entry address:
0xD6B0

Entry point:
48, 83, EC, 28, E8, A7, F5, FF, FF, 48, 83, C4, 28, E9, BE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 10, 56, 48, 83, EC, 20, F6, C2, 02, 8B, F2, 48, 8B, D9, 74, 3D, 44, 8B, 41, F8, 4C, 8D, 0D, 9D, 04, 00, 00, BA, 18, 00, 00, 00, 48, 89, 7C, 24, 30, E8, E2, 01, 00, 00, 40, F6, C6, 01, 74, 09, 48, 8D, 4B, F8, E8, 2D, F7, FF, FF, 48, 8D, 43, F8, 48, 8B, 7C, 24, 30, 48, 8B, 5C, 24, 38, 48, 83, C4, 20, 5E, C3, E8, 66, 04, 00, 00, 40, F6, C6, 01, 74, 08, 48, 8B, CB, E8...
 
[+]

Code size:
52.5 KB (53,760 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Start WingMan Profiler

Command:
C:\Program Files\logitech\gaming software\lwemon.exe \noui


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.