DriveMonitor.exe

DriveMonitor.exe

Storage Appliance Corporation

Publisher:
Storage Appliance Corp.  (signed by Storage Appliance Corporation)

Product:
DriveMonitor.exe

Version:
1.0.2.1

MD5:
0f69114e8ac7b89c0ff178238820d530

SHA-1:
8ca63f40f78f3154a8154921b9bd8d3a79dd4e79

SHA-256:
1df01f76e8d0c812978b7e59840ab76fb798274f7f34355dbc63f5b41fb70354

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is clean.

Analysis date:
3/29/2014 9:44:07 PM UTC  (three months ago)

Scan engine
Detection
Engine version

ByteHero BDV
Trojan.Malware.Win32.xPack.m
3.29.2014.10

File size:
789.8 KB (808,784 bytes)

Product version:
1.0.1.0

Copyright:
Copyright (C) 2011

Original file name:
DriveMonitor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\clickfree\boxsoftware\drivemonitor.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/27/2011 6:00:00 PM

Valid to:
11/14/2012 5:59:59 PM

Subject:
CN=Storage Appliance Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Storage Appliance Corporation, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13172E0242636F1A6CEB2CD923F8E7AF

File PE Metadata
Compilation timestamp:
1/10/2012 11:29:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:CxNBYIJ1+t4DDS/LLPMRvQSxaTP2f0yTHibH2bv6Ilriua9dXWQbp7XIxco56hd8:SBuLLaaj2f0Ei72bSIl+/tvswpFk

Entry address:
0x2EBF6

Entry point:
E8, B3, 5A, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, CC, 19, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 6F, 04, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 08, 5B, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, 47, 11, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, 7D, 19, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD, 6A, 16...
 
[+]

Entropy:
5.2995

Code size:
280 KB (286,720 bytes)

The file DriveMonitor.exe has been discovered within the following program.

Clickfree  by Clickfree Automatic Backup
www.clickfree.com
About 7% of users remove it
 
Powered by Should I Remove It?

0 / 68
DriveMonitor.exe  1.0.2.1  (b054a6b4e972c36d01a9224229138fe99ef319a4)

0 / 68
CFAgent.exe  (dd96e9b6e00306ee2d5a053a21132f0a7c3bedd5)

0 / 68
FibReminder.exe  (950390656a7fddf4d2f8577e48ee8bae31a97e75)

0 / 68
SacDevice.dll  (fd117ca2c70b8f1aad59015a83546197b21f21e4)

0 / 68
FibUac.exe  (350a4e67f57df9d210b515de0b37eb86442bbd19)

0 / 68
FullImagingService.exe  (443fb5d4c61bce1fc50a10df11ec38edca667a35)

0 / 68
SacNetAgent.exe  (010160793c19bb756f9f26959e5e7ce55778fa76)

0 / 68
UACProxy.exe  (43e96e0d799e7d51e202c282214a500393baf299)

0 / 68
LogWriterDLL.dll  (288a3cae391594a27ec32823b85f1a9ff2c48e62)

0 / 68
BackupRestoreUtilDLL.dll  (a329c5be5005fc1d8178489e8418d2931436fc40)

0 / 68
CommObjects.dll  (a5e5aff2b00d0907afb4dec303df149fa4654913)

0 / 68
RemoteRepositoryComponents.dll  (da97a5ebfbf925b43b6ae0bde51a6259665be2ab)

0 / 68
ConfigurationSettings.dll  (c4ef5da099ee889361eea9889bac0718245cecc0)

0 / 68
IPCDuplexServicesLibrary.dll  (12d23abe9ca3412e5572821b13fec1e2db9563e7)

0 / 68
WCFServerLib.dll  (40e3dee202f505c9fe117e228c2293cca6b61951)

0 / 68
SchedulerDLL.dll  (812ef59a240773698c9a9756a2ec1f335e2a6c84)

0 / 68
CSH_Devutil.dll  (386778ef0c3859b76e56c221566e56a6804d4e8a)

Distribution by Country