msnchatmessenger_setup.exe

</h4> <h3>Air Software</h3> <div style="margin-top: 15px; margin-bottom: 25px;" id="summary">This is part of the Air Installer, a download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application msnchatmessenger_setup.exe by Air Software has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the AirInstaller Download Manager installer.</div> <div class="keyvaluepairs"> <div id="sectnav-overview" data-nav="nav-overview" class="keyvaluepair navsection" style="margin-top: 15px;"><div class="key">File name:</div><div class="value">msnchatmessenger_setup.exe</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Publisher:</div><div class="value">AirInstaller Inc.  (<span class="arevnounder" onclick="$('html,body').animate({scrollTop: $('#kvp-Signer').offset().top - 68}, 'normal');">signed by Air Software</span>)</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Product:</div><div class="value">&lt;TITLE&gt; </div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Version:</div><div class="value">2.0.3.13</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">MD5:</div><div class="value">fc97c54546950b5ce2cc2750bbe406eb</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">SHA-1:</div><div class="value">6db97e9710ad21b34314dcf429a3e28da6d32d2c</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="key">SHA-256:</div><div class="value">8287217a2ae2476b92fad6c62f2ddbf39111fc39ac7e96fa0675f9efe251abe6</div><br style="clear:both;"></div> <div id="sectnav-analysis" data-nav="nav-analysis" class="header navsection">Analysis</div> <div class="keyvaluepair"><div class="key">Scanner detections:</div><div 
class="value"><span class="text-red">1 / 68</span></div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Status:</div><div class="value"><span class="text-red text-bold">Adware</span></div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Note:</div><div class="value" style="color: #777777;">Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Description:</div><div class="value" style="color: #777777;">This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="key">Analysis date:</div><div class="value">4/25/2024 8:43:18 PM UTC  <span style="color: #999999;">(today)</span></div><br style="clear:both;"></div> <div class="keyvaluepair" style="font-size: 11px; color: #999999;"><div class="analysis-engine">Scan engine</div><div class="analysis-result">Detection</div><div class="analysis-engineversion">Engine version</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="analysis-engine engineicon engineicon-reason">Reason Heuristics</div><div class="analysis-result text-red">PUP.Air Software.AirSoftware.Bundler (M)</div><div class="analysis-engineversion">16.2.13.4</div><br style="clear:both;"></div> <div id="sectnav-details" data-nav="nav-details" class="header navsection">File Details</div> <div class="keyvaluepair"><div class="key">File size:</div><div class="value">2.1 MB (2,156,184 bytes)</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Product version:</div><div 
class="value">2.0.3.13</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Copyright:</div><div class="value">(c) AirInstaller. All rights reserved.</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Original file name:</div><div class="value">AirInstaller.exe</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">File type:</div><div class="value">Executable application (Win32 EXE)</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Bundler/Installer:</div><div class="value">AirInstaller Download Manager</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Language:</div><div class="value">English (United States)</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="key">Common path:</div><div class="value" style="word-wrap: break-word;">C:\users\{user}\downloads\msnchatmessenger_setup.exe</div><br style="clear:both;"></div> <div id="kvp-Signer" class="subheader">Digital Signature</div> <div class="keyvaluepair"><div class="key">Signed by:</div><div class="value"><a href="/signer-air-software-36d5aa8967e82240d5afec2f301b54ed.aspx">Air Software</a></div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Authority:</div><div class="value">VeriSign, Inc.</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Valid from:</div><div class="value">3/1/2012 12:00:00 AM</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Valid to:</div><div class="value">3/1/2013 11:59:59 PM</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Subject:</div><div class="value">CN=Air Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Air Software, L=Victoria, S=British Columbia, C=CA</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Issuer:</div><div class="value">CN=VeriSign 
Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="key">Serial number:</div><div class="value">36D5AA8967E82240D5AFEC2F301B54ED</div><br style="clear:both;"></div> <div class="subheader">File PE Metadata</div> <div class="keyvaluepair"><div class="key">Compilation timestamp:</div><div class="value">11/7/2012 11:53:33 PM</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">OS version:</div><div class="value">5.1</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">OS bitness:</div><div class="value">Win32</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Subsystem:</div><div class="value">Windows GUI</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Linker version:</div><div class="value">10.0</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">CTPH (ssdeep):</div><div class="value" style="word-wrap: break-word;">49152:YdTxnTG32id4Btsf3I1fSMuxM9O0UCeHWKfn9ZNDDrgLJ4ah4bnGqKb8G6Oc5:YLk2id4BtOI1fSA9O0UCxKfn9bDrgLJo</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Entry address:</div><div class="value">0x1432F2</div><br style="clear:both;"></div> <div class="keyvaluepair"><div class="key">Entropy:</div><div class="value">6.4896</div><br style="clear:both;"></div> <div class="keyvaluepair keyvaluepair-last"><div class="key">Code size:</div><div class="value">1.5 MB (1,539,072 bytes)</div><br style="clear:both;"></div> </div> </div> </div> </div> <div class="sectionsignature"></div> </div> <div class="sectionfooter"> <div class="sectionfooter-top"> <div class="container"> herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. 
Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection. </div> </div> </div> </div> </form> </body> </html>