home

IDrvieEStartup.exe

IDrive

Pro Softnet Corp

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘IDriveE Startup’.
Publisher:
Pro Softnet Corporation  (signed by Pro Softnet Corp)

Product:
IDrive

Version:
3.03.0001

MD5:
02ed47dac1b3a837152616e675b54914

SHA-1:
715d7be8dae65c9136f89ec064d7a110fe1c1365

SHA-256:
46fa9a00400d12af97e979036d5d9567c27176ff4e1a78685838ef77ae62a59f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 12:14:32 PM UTC  (today)

File size:
169.5 KB (173,520 bytes)

Product version:
3.03.0001

Copyright:
Copyright (C) 1999-2009 Pro Softnet Corporation

Original file name:
IDrvieEStartup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Pro Softnet Corp

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/22/2008 7:00:00 AM

Valid to:
4/19/2010 6:59:59 AM

Subject:
CN=Pro Softnet Corp, OU=IBACKUP, O=Pro Softnet Corp, L=Woodland Hills, S=California, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
44D63956228188E35356267B3B775F4C

File PE Metadata
Compilation timestamp:
9/21/2009 5:58:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:lg3vod/IvHtiwBY9aRBB86Ru1Zj1eGS5fUB/eg+2tM2Ch0THzGSiuCu05StS0UXz:gvpfEwBY9aRBB86Ru1Zj1eGS5fUAgtti

Entry address:
0x3518

Entry point:
68, B8, 35, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 75, 43, 01, FE, 6C, 56, 58, 4F, A7, A7, D0, EE, F4, 40, 78, 7A, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 49, 44, 72, 69, 76, 65, 45, 53, 74, 61, 72, 74, 75, 70, 00, 00, 00, 00, 00, 00, 50, 00, 00, 00, DA, B6, F8, 24, A8, 4C, C9, 46, 9E, 0B, 16, A3, A5, 59, EF, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
152 KB (155,648 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDriveE Startup

Command:
"C:\idrive\idrvieestartup.exe" hide


Scan IDrvieEStartup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.