Should I block it?

90%
90% of PCs block this file from running.
Possible reason:
Multiple malware detections

VersionsAdditional versions

1.0.6033.0 50.00%
1.0.6033.0 50.00%
(Note, WhiteSmoke publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

WSEnrichment.exe

WSEnrichment Application by WhiteSmoke

Remove WSEnrichment.exe
Version:   1.0.6033.0
MD5:   2e0b62615aa21a9fce189c9db9fdfced
SHA1:   a53a56bfb53154ee4b7cdf7c61935a2965b71590
SHA256:   c02aa0525033d8dbd7310ec6f149d341a5bbfa19db33dc4a6cde81aa448dbd78
Warning 4 antivirus scanners has detected malware.

Overview

wsenrichment.exe is malware that executes as a process with the local user's privileges. During installation, it (or a shortcut) is added to the user's startup folder which is designed to automatically launch when the user logs into Windows. It is installed with a couple of know programs including WhiteSmoke published by WhiteSmoke and WhiteSmoke published by WhiteSmoke.

DetailsDetails

File name:wsenrichment.exe
Publisher:WhiteSmoke
Product name:WSEnrichment Application
Typical file path:C:\Program Files\whitesmoke\wsenrichment.exe
File version:1.0.6033.0
Size:2.06 MB (2,162,688 bytes)
Build date:4/12/2011 8:40 AM
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
WhiteSmoke
 WhiteSmoke
  85% remove
WhiteSmoke is a toolbar for Intenet Explorer and Firefox. The toolbar collects and stores information about your web browsing habits and sends this information to WhiteSmoke so they can suggest services or provide advertising via the toolbar. The WhiteSmoke Toolbar will attempt to change your home page and search provider if you are not careful during installation and provides a search box and various other generic features in the toolb...

BehaviorsBehaviors

User start menu folder
Shortcut pointer placed in '%appdata%\Microsoft\Windows\Start Menu'
  • Shortcut to 'wsenrichment.exe'
Network connections
  • [TCP] 63.236.35.10:80
  • [UDP] listens on port 62660

    • MalwareMalware detections

    Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
    Antivirus engineEngine versionDetection
    Dr.Web 8.13.10.6 Adware.WhiteSmoke.30
    Emsisoft Anti-Malware 3.0.0.575 Trojan.Win32.WhiteSmoke.AMN (A)
    eSafe 7.0.17.0 Win32.WhiteSmoke
    Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V1101

    ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00007461%
    0.028634%
    Kernel CPU:0.00000721%
    0.013761%
    User CPU:0.00006740%
    0.014873%
    Kernel CPU time:2,044 ms/min
    100,923,805ms/min
    CPU cycles:5,047,496/sec
    17,470,203/sec
    Memory
    Private memory:45.38 MB
    21.59 MB
    Private (maximum):66.23 MB
    Private (minimum):1.12 MB
    Non-paged memory:45.38 MB
    21.59 MB
    Virtual memory:271.76 MB
    140.96 MB
    Virtual memory (peak):284.96 MB
    169.69 MB
    Working set:11.32 MB
    18.61 MB
    Working set (peak):66.23 MB
    37.95 MB
    Page faults:41,019/min
    2,039/min
    I/O
    I/O read transfer:1.42 KB/sec
    1.02 MB/min
    I/O read operations:1/sec
    343/min
    I/O write transfer:3 Bytes/sec
    274.99 KB/min
    I/O write operations:1/sec
    227/min
    I/O other transfer:113 Bytes/sec
    448.09 KB/min
    I/O other operations:7/sec
    1,671/min
    Resource allocations
    Threads:20
    12
    Handles:435
    600
    GUI GDI count:41
    103
    GUI GDI peak:45
    142
    GUI USER count:65
    49
    GUI USER peak:74
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:64-bit
    Command line:"C:\Program Files\whitesmoke\wsenrichment.exe"
    Owner:User

    ResourcesThreads

    Averages
     
    WSEnrichment.exe (main module)
    Total CPU:0.00083329%
    0.272967%
    Kernel CPU:0.00038352%
    0.107585%
    User CPU:0.00044977%
    0.165382%
    CPU cycles:1,608,499/sec
    5,741,424/sec
    Memory:2.08 MB
    1.16 MB
    wow64.dll (Win32 Emulation on NT64 by Microsoft)
    Total CPU:0.00006802%
    Kernel CPU:0.00000523%
    User CPU:0.00006279%
    CPU cycles:2,366/sec
    Memory:252 KB
    ntdll.dll
    Total CPU:0.00004186%
    Kernel CPU:0.00000000%
    User CPU:0.00004186%
    CPU cycles:41,422/sec
    Memory:1.66 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 50.00%
    Windows Vista Home Basic 50.00%

    Distribution by countryDistribution by country

    United States installs about 50.00% of WSEnrichment Application.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 66.67%
    Hewlett-Packard 33.33%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE