home

id_bglaunch.exe

IDrive

Pro Softnet Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDrive Background process’.
Publisher:
Prosoftnet  (signed by Pro Softnet Corporation)

Product:
IDrive

Description:
IDrive Background

Version:
6.5.0.5

MD5:
8de8e7385b666aca043323cb10e44e80

SHA-1:
a4aed692363965c45066ac10d9588eb79722da74

SHA-256:
cf90677b4c03211057578d6a5bd69fe634c295968ebf3f5c3a89dcc23d5254e7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:12:23 PM UTC  (a few moments ago)

File size:
71 KB (72,736 bytes)

Product version:
6.5.0.5

Copyright:
Copyright © Prosoftnet 2013

Original file name:
id_bglaunch.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\idrivewindows\id_bglaunch.exe

Digital Signature
Signed by:
Pro Softnet Corporation

Authority:
Thawte, Inc.

Valid from:
2/13/2014 7:00:00 PM

Valid to:
2/14/2016 6:59:59 PM

Subject:
CN=Pro Softnet Corporation, OU=IT, O=Pro Softnet Corporation, L=Calabasas, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
68A7A5C7BD2B769D46DD66EE575B8C68

File PE Metadata
Compilation timestamp:
10/29/2015 8:47:28 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:SbM/in9ipV9QbZDxBmNPXreYBASer59DfcARax/fl1q:SU09iKrENPDBASeXTcAAplw

Entry address:
0x53AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 88, 00, 00, 80, 10, 00, 00, 00, A0, 00, 00, 80, 18, 00, 00, 00, B8, 00...
 
[+]

Entropy:
6.7740

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
13 KB (13,312 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDrive Background process

Command:
"C:\Program Files\idrivewindows\id_bglaunch.exe" min


Scan id_bglaunch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.