home

conferencers.exe

Global Virtual Opportunities Inc

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘ConferenceRS’.
Publisher:
Global Virtual Opportunities Inc  (signed and verified)

MD5:
cb41d560d42cf9d5aedf6d67aa5e1f82

SHA-1:
4d66dfa448387b3b372dcfa4b1c966f1fbb29a8a

SHA-256:
b9a7b59e740387e6f140405ab5d1b96198fc251639e24f4ecd2d33a24ee7eec3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:02:48 PM UTC  (today)

File size:
4 MB (4,191,424 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\conferencers.exe

Digital Signature
Signed by:
Global Virtual Opportunities Inc

Authority:
Starfield Technologies, Inc.

Valid from:
7/2/2010 11:27:36 AM

Valid to:
6/23/2011 4:35:44 PM

Subject:
CN=Global Virtual Opportunities Inc, O=Global Virtual Opportunities Inc, L=Schertz, S=TX, C=US

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
008B0AAA3DE9A3

File PE Metadata
Compilation timestamp:
5/26/2011 5:14:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

Entry address:
0x1110

Entry point:
55, 89, E5, 83, EC, 18, C7, 04, 24, 02, 00, 00, 00, FF, 15, 50, 89, A4, 00, E8, F8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 18, C7, 04, 24, 01, 00, 00, 00, FF, 15, 50, 89, A4, 00, E8, D8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 14, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 08, 00, 00, 00, E8, 93, E6, 27, 00, 83, F8, 01, 0F, 84, FF, 00, 00, 00, 85, C0...
 
[+]

Code size:
2.8 MB (2,897,920 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConferenceRS

Command:
C:\windows\conferencers.exe


Scan conferencers.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.