home

msn messenger.exe

msn-messenger

Solimba Aplicaciones S.L.

This is the Solimba installer program that will bundle additional offers mostly including adware and various unwanted PC utilities. The application msn messenger.exe by Solimba Aplicaciones S.L has been detected as adware by 10 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
Solimba Aplicaciones S.L.  (signed and verified)

Product:
msn-messenger

Version:
2.2.49.0

MD5:
d53fead5cc0a67004cb2f66c98b61344

SHA-1:
37695e6b79d1709475276f782ff785ec1f1429ba

SHA-256:
4a6278cf8998706fa7530b814146218e7ec81dc28eed4b47230e1d5ee561032c

Scanner detections:
10 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
4/25/2024 1:12:08 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Solimba.Gen
7.11.61.124

avast!
MSIL:Solimba-Q [PUP]
2014.9-160215

Dr.Web
Adware.Downware.798
9.0.1.046

ESET NOD32
MSIL/Solimba
10.8020

Fortinet FortiGate
Adware/Solimba
2/15/2016

Malwarebytes
PUP.Offerware
v2016.02.15.06

Reason Heuristics
PUP.Solimba.SolimbaAplicaciones.Bundler (M)
16.2.15.18

SUPERAntiSpyware
PUP.Offerware
9321

Trend Micro House Call
TROJ_GEN.RCBH1B1
7.2.46

VIPRE Antivirus
DownloadMR
16220

File size:
174.5 KB (178,728 bytes)

Copyright:
(c) 2010 (2012-12-28 17:12)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\msn messenger.exe

Digital Signature
Signed by:
Solimba Aplicaciones S.L.

Authority:
VeriSign, Inc.

Valid from:
5/16/2011 2:00:00 AM

Valid to:
5/16/2013 1:59:59 AM

Subject:
CN=Solimba Aplicaciones S.L., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Solimba Aplicaciones S.L., L=Badalona, S=Barcelona, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
450EE582E26020D5F7632F2BECC6C5BD

File PE Metadata
Compilation timestamp:
8/30/2011 5:46:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.21

CTPH (ssdeep):
3072:9nOn7t7XpdpCCTg/sxFgJDu2C2RcLv7dJl+SlddE1LeaYIANUimcow8jFYy8:9KpdcCrTqiUcLZJl+SlWeaNAN5mnwyF

Entry address:
0x4327

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 83, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 84, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 84, 42, 00, 56, A3, 40, 6B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 6B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, 84, 42, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7...
 
[+]

Code size:
34.5 KB (35,328 bytes)

Remove msn messenger.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.