home

conprotsetup.exe

Content Protector

LLC

The application conprotsetup.exe, “Content Protector Setup” by LLC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program ContentProtector by Artex Management S. A..
Publisher:
"Artex Management S. A."  (signed by LLC )

Product:
Content Protector

Description:
Content Protector Setup

Version:
2.0.0.1

MD5:
d47f075b7a051a7b470daec5f8971bad

SHA-1:
aaf67667e7ee67c1f63638e1cf7dfa0618250fb2

SHA-256:
fd573dc19aba4a97bc1ed2a1eaf83b1da4a7e99872fd3c270cf1a5df92fe12cd

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/15/2024 3:31:44 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Artex.Amonitize.Installer.Meta (M)
16.7.14.0

File size:
6 MB (6,276,304 bytes)

Product version:
2.0.0.1

Copyright:
Copyright: (c) "Artex Management S. A.". All rights reserved.

Original file name:
ConProtSe.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\contentprotector\conprotsetup.exe

Digital Signature
Signed by:
LLC

Authority:
COMODO CA Limited

Valid from:
11/10/2015 8:00:00 AM

Valid to:
11/10/2016 7:59:59 AM

Subject:
CN="LLC ""IT-PROF""", OU=IT, O="LLC ""IT-PROF""", STREET="prosp. Heroyiv Stalinhrada, 48", L=Kiev, S=Kiev, PostalCode=04213, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7B1E28BB38088B1862D9E29DE894FEEB

File PE Metadata
Compilation timestamp:
4/12/2016 1:16:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:ZlTpGXtWr5gjYF5pOkfsR2Kpq4XwU7byMIj2T8LWs8Leccl0AyaFcqyTOQLe0:nzlcq+Rbk4A3MCmnecFAydqMzS0

Entry address:
0xEB04

Entry point:
E8, 1A, 45, 00, 00, E9, 73, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 1C, BD, 42, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 44, A1, 42, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 1C, BD, 42, 00, 00, 0F, 83, A7, 01, 00, 00...
 
[+]

Code size:
119.5 KB (122,368 bytes)

Program Uninstaller
Program name:
ContentProtector

Display publisher:
Artex Management S. A.

Display version:
2.0

Uninstall string:
C:\Program Files\ContentProtector\ConProtSetup.exe uninst=1


Remove conprotsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.