home

setup_fr.exe

LaunchAnywhere

Zero G

This is the uninstaller utility registered in the Windows Control Panel for the program PlexDomain by PlexObject Solutions, Inc.. The file has been seen being downloaded from doc-00-0g-docs.googleusercontent.com and multiple other hosts.
Publisher:
Zero G

Product:
LaunchAnywhere

Description:
LaunchAnywhere GUI

Version:
4.5.2.0

MD5:
99fe6684abaab6536dc61b969b6fd065

SHA-1:
528aaae4e060a0c16725a8c4f46d74f313f7b2b3

SHA-256:
73763fbae3d6170fcb912bde60ff02430bd251d316d00af56ac487ca1f499258

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
5/2/2024 9:38:15 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod816.Trojan
1.3.0.4613

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131210

File size:
312 KB (319,488 bytes)

Product version:
4.5.2.0

Copyright:
Copyright © 1998-2002

Original file name:
laxw.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\iase\windows\setup_fr.exe

File PE Metadata
Compilation timestamp:
1/4/2002 3:01:40 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
6144:7hG7fPlRh9XXKBfPFY/HOMu76rOgvudpK:7hUnlRhhXefPSuGrOgvu

Entry address:
0x239E0

Entry point:
55, 89, E5, 53, 83, EC, 48, 55, B8, FF, FF, FF, FF, 50, 50, 68, 70, 59, 42, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 83, EC, 20, 83, E4, E0, 68, 70, A1, 43, 00, E8, AE, 7D, FF, FF, 59, E8, 48, B1, FF, FF, E8, 43, 02, 00, 00, 85, C0, 74, 0F, 68, F0, 3A, 42, 00, E8, 15, 1E, 00, 00, 59, 85, C0, 74, 08, 6A, FF, E8, 39, 1E, 00, 00, 59, E8, 83, 21, 00, 00, E8, 7E, 23, 00, 00, FF, 15, A4, D2, 43, 00, 89, C3, EB, 18, 8D, 44, 20, 00, 3C, 22, 75, 0F, 43, 8A, 03, 84, C0, 74, 04, 3C, 22, 75, F5, 3C...
 
[+]

Entropy:
6.4688

Packer / compiler:
REALbasic

Code size:
148 KB (151,552 bytes)

Program Uninstaller
Program name:
PlexDomain

Display publisher:
PlexObject Solutions, Inc.

Display version:
1.0.0.0

Uninstall string:
"C:\Program Files (x86)\PlexDomain\UninstallerData\Uninstall PlexDomain.exe"


The file setup_fr.exe has been discovered within the following programs.

AnaBuilder  by AnaBuilder
anabuilder.free.fr/indexEN.html
About 9% of users remove it
Duraprint net  by colours new media GmbH & Co. KG
www.colours-new-media.de
About 1% of users remove it
ErosLink  by Eros Tek
www.erostek.com
About 3% of users remove it
exPressit SE  by Medea International Ltd
www.medea.co.uk
About 3% of users remove it
Gas Management Program  by Andreas Hagberg
www.gmp.tech.nu
About 9% of users remove it
InteGrade Pro  by Pearson Digital Learning
About 1% of users remove it
iTrade  by Softech Systems
About 3% of users remove it
Marketmaker Spreadbet Client Live  by MarketMaker
About 6% of users remove it
Money Matters 2005  by Drake Software
About 9% of users remove it
NetBotz Advanced View 2.6  by NetBotz
Publisher's description - “NetBotz is a next generation monitoring solution ideal for smaller spaces that require comprehensive monitoring in locations with little need for future expandability. This fully featured solution provides rich image graphics and integrated environmental monitoring.”
www.apcc.com
About 6% of users remove it
 
Latest 20 of 20 programs
Powered by Should I Remove It?

The file setup_fr.exe has been seen being distributed by the following 3 URLs.

https://doc-00-0g-docs.googleusercontent.com/docs/securesc/6pv3u4q5mg001m78dajdhl9a5u07o1c9/g1jst0cv48qi5ged7cs8u4q6vr8qk5h9/1462212000000/16261324517285237691/.../0B14P5v1bBQj6NVFLM2hJcFRka0k?e=download

https://onedrive.live.com/download.aspx?cid=3268B3649431D9E9&resid=3268B3649431D9E9!202&canary=pG2kR5CvQDMrfooljiIMlfAKThWJ1ZnCUoIs9q8i9 8=3&ithint=.exe

https://ox.vitoria-gasteiz.org/ajax/mail?action=attachment&session=06b409cfd4da4a7face0137f8148120d&folder=default0/.../Enviados&id=3992&attachment=2&save=0&filter=1

Scan setup_fr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.