home

windows drivers.exe

Windows Agent

Tesline-Service s.r.l.

It runs as a separate (within the context of its own process) windows Service named “Monitoring agent”.
Publisher:
Windows-service  (signed by Tesline-Service s.r.l.)

Product:
Windows Agent

Description:
Windows Drivers

Version:
5, 7, 11, 1

MD5:
bca46b5d328927a56f840d33c8970379

SHA-1:
80326da0c5b35c3304a40dd3b2d4864d73181868

SHA-256:
286c0c47e5fc684b9c4f44791f20452f50de995beeb2708de81af69bbb7927a9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 3:05:27 AM UTC  (today)

File size:
508 KB (520,216 bytes)

Product version:
5, 6, 11, 1

Copyright:
Copyright (C)

Original file name:
Windows agent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\microsoft drivers\windows drivers.exe

Digital Signature
Signed by:
Tesline-Service s.r.l.

Authority:
GlobalSign nv-sa

Valid from:
11/20/2014 1:16:25 PM

Valid to:
2/20/2018 1:16:25 PM

Subject:
CN=Tesline-Service s.r.l., OU=Rohos, O=Tesline-Service s.r.l., L=Chisinau, C=MD

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112147039D3A8FFEE281C3FDDF38A29D6B10

File PE Metadata
Compilation timestamp:
8/18/2016 3:46:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x3991B

Entry point:
E8, CD, C2, 00, 00, E9, 16, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 4C, E6, 46, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 4C, E6, 46, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Code size:
336 KB (344,064 bytes)

Service
Display name:
Monitoring agent

Service name:
KMA Monitoring agent

Type:
Win32OwnProcess

Group:
UIGroup


Scan windows drivers.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.