home

ProcMon.PPL

Kaspersky Anti-Virus

Kaspersky Lab

Publisher:
Kaspersky Lab  (signed and verified)

Product:
Kaspersky Anti-Virus

Description:
Process Monitor

Version:
11.0.0.1245

MD5:
26fb93073e89b9aeb57dad5609cd4325

SHA-1:
3fc8bc41be7608702c48ec70a1922d22c0affe2a

SHA-256:
1b2bea0da708f0ed028358ba0a641935795fccbd07cb410bc6c32a34e6bc8efa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 8:49:42 PM UTC  (today)

File size:
524.2 KB (536,768 bytes)

Product version:
11.0.0.1245

Copyright:
Copyright © Kaspersky Lab 1997-2009.

Trademarks:
Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab.

Original file name:
ProcMon.PPL

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\procmon.ppl

Digital Signature
Signed by:
Kaspersky Lab

Authority:
DigiCert Inc

Valid from:
2/22/2013 7:00:00 AM

Valid to:
4/28/2015 7:00:00 PM

Subject:
CN=Kaspersky Lab, O=Kaspersky Lab, L=Moscow, C=RU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0226E6BDA76DAE711E3DB2321E3B5308

File PE Metadata
Compilation timestamp:
3/31/2011 1:02:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:jbMZGtcmYuw0L2DK8fOua9y1QG9ezBq071eqa13lk+cOsHQHyg0CwQc:jbtcruw0L2DK8fyxGUFq071eqaplk+ch

Entry address:
0x54F82

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, F6, 03, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, CD, FE, FF, FF, 59, C2, 0C, 00, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, B0, 84, 5F, 6D, 89, 0D, AC, 84, 5F, 6D, 89, 15, A8, 84, 5F, 6D, 89, 1D, A4, 84, 5F, 6D, 89, 35, A0, 84, 5F, 6D, 89, 3D, 9C, 84, 5F, 6D, 66, 8C, 15, C8, 84, 5F, 6D, 66, 8C, 0D, BC, 84, 5F, 6D, 66, 8C, 1D, 98, 84, 5F, 6D, 66, 8C, 05, 94, 84, 5F, 6D, 66, 8C, 25, 90, 84, 5F, 6D, 66, 8C, 2D, 8C, 84, 5F, 6D, 9C, 8F, 05, C0, 84, 5F, 6D, 8B, 45...
 
[+]

Entropy:
6.4781

Code size:
372 KB (380,928 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.