home

Monitor.EXE

Monitor Application

Newsoft Technology Company

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Presto! PVR HD Monitor’.
Publisher:
NewSoft  (signed by Newsoft Technology Company)

Product:
Monitor Application

Description:
Monitor Application

Version:
1, 0, 3, 2074

MD5:
42cf3e2e643053d4429047de2fccb6c8

SHA-1:
782e013ec150e0fad619e9c1799b19d457b10695

SHA-256:
e95d611e72e69452ffcfc29e5f72a17b29fe18c4d2c8384d5ebf171d9671c21b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:59:05 PM UTC  (today)

File size:
185.8 KB (190,288 bytes)

Product version:
1, 0, 3, 2074

Copyright:
Copyright 2005-2008 by NewSoft Technology Corporation. All rights reserved.

Original file name:
Monitor.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\newsoft\presto! pvr hd\monitor.exe

Digital Signature
Signed by:
Newsoft Technology Company

Authority:
VeriSign, Inc.

Valid from:
3/12/2007 9:00:00 PM

Valid to:
5/4/2010 8:59:59 PM

Subject:
CN=Newsoft Technology Company, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Newsoft Technology Company, L=Hsinchu, S=Hsinchu, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
465B5F97A261A61C63C23A4950135A48

File PE Metadata
Compilation timestamp:
7/30/2008 9:59:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:z4/ATpZbwxDFZotSfgaVh18+rM2snET7H3pakRiNbkzPKu8TxzV1VMswOx6jCQSy:E/YZbwxDMtSoaV7vrCAXpakRiNGYWCk

Entry address:
0x1C738

Entry point:
55, 8B, EC, 6A, FF, 68, 20, 0E, 42, 00, 68, 96, C8, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 98, F5, 41, 00, 59, 83, 0D, DC, 79, 42, 00, FF, 83, 0D, E0, 79, 42, 00, FF, FF, 15, 94, F5, 41, 00, 8B, 0D, D0, 79, 42, 00, 89, 08, FF, 15, 90, F5, 41, 00, 8B, 0D, CC, 79, 42, 00, 89, 08, A1, 8C, F5, 41, 00, 8B, 00, A3, D8, 79, 42, 00, E8, 28, 01, 00, 00, 39, 1D, 50, 70, 42, 00, 75, 0C, 68, CC, C8, 41, 00, FF, 15, 88, F5...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
120 KB (122,880 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Presto! PVR HD Monitor

Command:
C:\Program Files\newsoft\presto! pvr hd\monitor.exe


Scan Monitor.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.