home

Able2ExtractPro.PrnDisp.exe

Able2Extract Professional

Investintech.com Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Able2Extract Professional 9.0 Print Dispatcher’.
Publisher:
Investintech.com Inc.  (signed and verified)

Product:
Able2Extract Professional

Description:
Print Dispatcher

Version:
9.0.9

MD5:
3e302d8df2b0981b3a16699fa1711793

SHA-1:
292cbe0459ae3857d797a021bb88062055759d15

SHA-256:
4b0c03738439306df7e5d6eb0cb44f851b8e4b70503394f548808ad61c08df69

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 12:53:46 AM UTC  (today)

File size:
8.7 MB (9,109,352 bytes)

Product version:
9.0.9

Copyright:
Copyright © 2000 - 2015 Investintech.com Inc.

Original file name:
Able2ExtractPro.PrnDisp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Investintech.com Inc.

Authority:
VeriSign, Inc.

Valid from:
8/19/2014 7:00:00 PM

Valid to:
10/18/2017 6:59:59 PM

Subject:
CN=Investintech.com Inc., O=Investintech.com Inc., L=Toronto, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A1CA0035869752FEDB70357DD081EAA

File PE Metadata
Compilation timestamp:
4/16/2015 6:00:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x3B47C0

Entry point:
E8, 2E, 08, 00, 00, E9, 63, FD, FF, FF, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
6.2372

Code size:
5.6 MB (5,882,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Able2Extract Professional 9.0 Print Dispatcher

Command:
C:\able2extract professional 9.0\able2extractpro.prndisp.exe


Scan Able2ExtractPro.PrnDisp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.