home

Procexp.exe

Process Explorer

Microsoft Corporation

Publisher:
Sysinternals - www.sysinternals.com  (signed by Microsoft Corporation)

Product:
Process Explorer

Description:
Sysinternals Process Explorer

Version:
15.22

MD5:
7fa34e22a8649aa4eea11f2d3f4d70d8

SHA-1:
eabb7e531b58855c65e5a39cf2ca301badabd289

SHA-256:
0f35ebc6afc8877fa0fbaaabf83ec2f067885e4b8b3b780229baf3e1aca9cb63

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 4:07:09 PM UTC  (today)

File size:
2.6 MB (2,691,192 bytes)

Product version:
15.22

Copyright:
Copyright © 1998-2012 Mark Russinovich

Trademarks:
Copyright (C) 1998-2012 Mark Russinovich

Original file name:
Procexp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
10/10/2011 1:32:25 PM

Valid to:
1/10/2013 12:32:25 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6119CC93000100000066

File PE Metadata
Compilation timestamp:
7/5/2012 10:32:21 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:CVtShOPbDT6h+oKxvDp6Wlx9VRl4oC54/sSmSXFhd:CVtS0P+h+ocC

Entry address:
0xA9BF6

Entry point:
E8, 0E, AE, 00, 00, E9, 79, FE, FF, FF, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, FA, C5, FF, FF, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, E4, C5, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 58, 7E, 4E, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8...
 
[+]

Entropy:
6.0959

Code size:
775.5 KB (794,112 bytes)

The file Procexp.exe has been discovered within the following program.

EasyCleaner  by ToniArts
Publisher's description - “EasyCleaner is a small program that searches through Windows registry for entries that are pointing nowhere. EasyCleaner also lets you delete all kinds of unnecessary files like temps and backups.”
personal.inet.fi/business/toniarts
40% remove it
 
Powered by Should I Remove It?

The file Procexp.exe has been seen being distributed by the following URL.

http://live.sysinternals.com/procexp.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.