Technical information: |
|
| Icon status | No tray icon |
| Icon setting | Not in the system tray |
| Executable file | C:\PROGRA~1\REFERE~2\bar\1.bin\1pbrmon.exe |
| Version | 2,3,0,0 |
| Parent process | C:\WINDOWS\explorer.exe |
| Can be uninstalled | Yes |
| Encrypted | No |
| Size on disk | 29.3 Kb |
| Minimum recorded memory usage | 724 Kb |
| Average recorded memory usage | 724 Kb |
| Maximum recorded memory usage | 724 Kb |
| Date when maximum memory usage occured | 1/26/2012 10:00:43 AM |
| Minimum recorded CPU usage | 0% |
| Average recorded CPU usage | 0% |
| Maximum recorded CPU usage | 0% |
| Date when maximum CPU usage occured | 1/26/2012 10:00:43 AM |
| Started at | 1/26/2012 9:56:58 AM |
| Total CPU time | 0 seconds |
| Imported functions | [-] Imported from KERNEL32.dllSleep
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrlenA
GetModuleFileNameA
SetThreadPriority
GetCurrentThread
GetLastError
CreateEventA
LockResource
LoadResource
FindResourceA
LoadLibraryExA
GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
LocalFree
GetVersionExA
[-] Imported from USER32.dllPeekMessageA
UnhookWindowsHookEx
DispatchMessageA
TranslateMessage
PostQuitMessage
CreateWindowExA
RegisterClassExA
SetWindowsHookExA
CharNextA
GetMessageA
DefWindowProcA
|
| Some relevant texts from the exe file | [-] Click here to hide details(http://ak.results.myway.com/mw_eula.html0
http://ocsp.verisign.com0?
https://www.verisign.com/rpa0
http://crl.verisign.com/pca3.crl0)
http://ocsp.verisign.com01
http://logo.verisign.com/vslogo.gif0
https://www.verisign.com/cps0*
0http://crl.verisign.com/ThawteTimestampingCA.crl0
http://ocsp.verisign.com0
http://crl.verisign.com/tss-ca.crl0
!This program cannot be run in DOS mode.
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetThreadPriority
GetCurrentThread
GetLastError
LockResource
LoadResource
FindResourceA
LoadLibraryExA
GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
GetProcessHeap
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
KERNEL32.dll
DefWindowProcA
PostQuitMessage
UnhookWindowsHookEx
DispatchMessageA
CreateWindowExA
RegisterClassExA
SetWindowsHookExA
USER32.dll
OLEAUT32.dll
SetProcessShutdownParameters
brstub.dll
advapi32.dll
<?xml version=
encoding=
standalone=
urn:schemas-microsoft-com:asm.v1
manifestVersion=
<assemblyIdentity version=
BrowserMonitor
<trustInfo xmlns=
urn:schemas-microsoft-com:asm.v3
<security>
</trustInfo>
VS_VERSION_INFO
StringFileInfo
CompanyName
VER_COMPANY_NAME
FileDescription
VER_DESCRIPTION
FileVersion
InternalName
VER_EXE_FILENAME
LegalCopyright
VER_COPYRIGHT
OriginalFilename
VER_EXE_FILENAME.exe
ProductName
VER_PRODUCT_NAME
ProductVersion
VarFileInfo
Translation
VeriSign Time Stamping Services CA0
+VeriSign Time Stamping Services Signer - G20
Durbanville1
Thawte Certification1
Thawte Timestamping CA0
.Class 3 Public Primary Certification Authority0
VeriSign Trust Network1;09
VeriSign Class 3 Code Signing 2009-2 CA0
image/gif0!0
White Plains1
Mindspark Interactive Network1>0<
Mindspark Interactive Network0
VeriSign Class 3 Code Signing 2009-2 CA
VeriSign Time Stamping Services CA
|
"VER_DESCRIPTION" that belongs to "VER_PRODUCT_NAME" made by "VER_COMPANY_NAME" 
