PCCNTMON.EXE

Trend Micro OfficeScan

Trend Micro, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OfficeScanNT Monitor’.
Publisher:
Trend Micro Inc.  (signed by Trend Micro, Inc.)

Product:
Trend Micro OfficeScan

Description:
トレンドマイクロ ウイルスバスター コーポレートエディションモニタ

Version:
10.0.0.3017

MD5:
970d379a629c429b2219b8e909bae3fc

SHA-1:
ce9ff20b0b0edb382a46fa405bfcc3443048692a

SHA-256:
c13f96c091c06b320c7302b97d5556273025c295678bea4575e0ec8f12770451

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:45:09 AM UTC  (today)

File size:
1.3 MB (1,384,440 bytes)

Product version:
10.0

Copyright:
Copyright (C) 1998-2011 Trend Micro Incorporated. All rights reserved.

Trademarks:
Copyright (C) Trend Micro Inc.

Original file name:
PCCNTMON.EXE

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\trend micro\officescan client\pccntmon.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/31/2011 9:00:00 AM

Valid to:
2/17/2012 8:59:59 AM

Subject:
CN="Trend Micro, Inc.", OU=RD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Trend Micro, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
24E3D70B86ED54D0B22C3450B960984E

File PE Metadata
Compilation timestamp:
12/6/2011 6:43:57 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0xA8650

Entry point:
48, 83, EC, 28, E8, 57, CF, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 0F, B7, 01, 66, 85, C0, 74, 12, 66, 3B, C2, 74, 12, 66, 8B, 41, 02, 48, 83, C1, 02, 66, 85, C0, 75, EE, 66, 39, 11, 75, 04, 48, 8B, C1, C3, 33, C0, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 4C, 8B, C1, 0F, B7, 01, 48, 83, C1, 02, 66, 85, C0, 75, F4, 90, 48, 83, E9, 02, 49, 3B, C8, 74, 09, 66, 39, 11, 75, F2, 48, 8B, C1, C3, 66, 39, 11, 75, 04, 48, 8B, C1, C3, 33, C0, C3, CC, CC...
 
[+]

Entropy:
6.1069

Code size:
867 KB (887,808 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OfficeScanNT Monitor

Command:
"C:\Program Files\trend micro\officescan client\pccntmon.exe" -hidewindow


Scan PCCNTMON.EXE - Powered by Reason Core Security