home

GrooveMonitor.exe

GrooveMonitor Utility

Microsoft Corporation

The file is part of Microsoft Office 2007. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘GrooveMonitor’.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
GrooveMonitor Utility

Version:
12.0.4518.1014

MD5:
67e05ddb98f9b1197d0ba883b2105d9e

SHA-1:
4b461a0c79add40743cfc3c8d1bc60693bb7e9dc

SHA-256:
fdfc4478b80ea239d49736a1bfca3988d00b24a092d64c7a403c0dfa0d8ff087

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 8:36:48 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Evo-gen [Susp]
160212-0

File size:
32 KB (32,768 bytes)

Product version:
4.2.0.2623

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
GrooveMonitor.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\microsoft office\office12\groovemonitor.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
4/4/2006 7:43:46 PM

Valid to:
10/4/2007 7:53:46 PM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
61469ECB000400000065

File PE Metadata
Compilation timestamp:
10/27/2006 3:53:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
384:FUhEa1k4fCX/jbLb9sbr6aPOL0ZLtwwCVtdLWasG6RLEWkHW10sLCcM4aeW:q7pOrbyLOLldLWasNLSSPL3bae

Entry address:
0x2A96

Entry point:
E8, 16, FC, FF, FF, E9, 35, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, E0, 61, 40, 00, 89, 0D, DC, 61, 40, 00, 89, 15, D8, 61, 40, 00, 89, 1D, D4, 61, 40, 00, 89, 35, D0, 61, 40, 00, 89, 3D, CC, 61, 40, 00, 66, 8C, 15, F8, 61, 40, 00, 66, 8C, 0D, EC, 61, 40, 00, 66, 8C, 1D, C8, 61, 40, 00, 66, 8C, 05, C4, 61, 40, 00, 66, 8C, 25, C0, 61, 40, 00, 66, 8C, 2D, BC, 61, 40, 00, 9C, 8F, 05, F0, 61, 40, 00, 8B, 45, 00, A3, E4, 61, 40, 00, 8B, 45, 04, A3, E8, 61, 40, 00, 8D, 45, 08, A3, F4, 61, 40, 00, 8B...
 
[+]

Code size:
10.5 KB (10,752 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GrooveMonitor

Command:
"C:\Program Files\microsoft office\office12\groovemonitor.exe"


Scan GrooveMonitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.