home

pronova_monitor.exe

IDProtect Client

Athena Smartcard Solutions

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDProtect Monitor’.
Publisher:
Athena Smartcard Solutions  (signed and verified)

Product:
IDProtect Client

Description:
IDProtect Monitor

Version:
6, 0, 0, 6

MD5:
420f75d9d02e0d970352e4b4ccfe5a67

SHA-1:
4a15b3b3fc7b430edea3c53d05dd4cda7a7ddbbd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:31:33 AM UTC  (today)

File size:
489.8 KB (501,600 bytes)

Product version:
6, 0, 0, 6

Copyright:
Athena-scs (c). All rights reserved.

Original file name:
IDProtect Monitor.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\pronova\pronova cliente\utils\pronova_monitor.exe

Digital Signature
Signed by:
Athena Smartcard Solutions

Authority:
VeriSign, Inc.

Valid from:
5/19/2011 9:00:00 PM

Valid to:
6/14/2014 8:59:59 PM

Subject:
CN=Athena Smartcard Solutions, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Athena Smartcard Solutions, L=Herzliya, S=Herzliya, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
609E196198995E40E7C6ABB55256172B

File PE Metadata
Compilation timestamp:
5/8/2012 1:13:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:fmrdbwoGJPIDEOF8UDja2WYqEkBpwewnAtCgrMXb4dz8fSebnfYyIForqx2zyp:+JEoGZxOF7jaVVESye3MruLejf6

Entry address:
0x3670B

Entry point:
E8, 63, AA, 00, 00, E9, 17, FE, FF, FF, 8B, 4C, 24, 04, 53, 33, DB, 3B, CB, 56, 57, 74, 08, 8B, 7C, 24, 14, 3B, FB, 77, 1B, E8, 43, 0F, 00, 00, 6A, 16, 5E, 89, 30, 53, 53, 53, 53, 53, E8, 1F, E9, FF, FF, 83, C4, 14, 8B, C6, EB, 31, 8B, 74, 24, 18, 3B, F3, 75, 04, 88, 19, EB, D9, 8B, D1, 8A, 06, 88, 02, 42, 46, 3A, C3, 74, 03, 4F, 75, F3, 3B, FB, 75, 10, 88, 19, E8, 07, 0F, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, C0, 33, C0, 5F, 5E, 5B, C3, 55, 8B, EC, 83, EC, 38, 53, 57, FF, 75, 08, 8D, 4D, C8, E8, 03, F5...
 
[+]

Code size:
328 KB (335,872 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDProtect Monitor

Command:
"C:\Program Files\pronova\pronova cliente\utils\pronova_monitor.exe"


Scan pronova_monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.