home

rvMonitor.EXE

rvMonitor Application

Rsupport Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RemoteView Agent Monitoring’.
Publisher:
Rsupport Co., Ltd.  (signed and verified)

Product:
rvMonitor Application

Description:
Remote View Monitor Application

Version:
1, 0, 0, 3

MD5:
e8ab34dfe945043bcb812446bb45ff72

SHA-1:
a1d86769afbca94a864ffad27fc5bb2a5dd52399

SHA-256:
0dab5338edcc0d00fd1b66cfa205992338e55f9fffd250ac6de10f0be37c0525

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:04:11 PM UTC  (today)

File size:
145.5 KB (149,024 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright (C) 2004 Rsupport Co., Ltd.

Original file name:
rvMonitor.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\rsupport\remoteview agent 4.0\rvmonitor.exe

Digital Signature
Signed by:
Rsupport Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
5/23/2006 9:00:00 AM

Valid to:
6/12/2007 8:59:59 AM

Subject:
CN="Rsupport Co., Ltd.", OU=Marketing Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Rsupport Co., Ltd.", L=Songpa-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7E7B087B73446E575D74F4C2C3874FE7

File PE Metadata
Compilation timestamp:
4/3/2007 9:32:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:J6jadsCeLTwwoMEnUx7aij3F+fL7L42KPqUVl9UD6d2cyYHkviagn:y0B7MDeEFa7tKCml9qUjHKi

Entry address:
0x37B4

Entry point:
55, 8B, EC, 6A, FF, 68, 80, 6B, 41, 00, 68, DC, 32, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 70, 51, 41, 00, 33, D2, 8A, D4, 89, 15, 84, FA, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 80, FA, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 7C, FA, 41, 00, C1, E8, 10, A3, 78, FA, 41, 00, 6A, 01, E8, 04, 29, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, F8, 25, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
5.7269

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
80 KB (81,920 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RemoteView Agent Monitoring

Command:
C:\Program Files\rsupport\remoteview agent 4.0\rvmonitor.exe


Scan rvMonitor.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.