home

MacDrive.exe

Mediafour MacDrive

Mediafour Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MacDrive application’. This is installed with MacDrive 7.
Publisher:
Mediafour Corporation  (signed and verified)

Product:
Mediafour MacDrive

Description:
MacDrive application

Version:
7.2.3.0

MD5:
df6fb3ec8838ca15b687a35ab584f2f4

SHA-1:
3e845df2d86208b016855ef99198e27af2b8bfdc

SHA-256:
1fd32445bf54b6a10e8a013bba75d9a8b9d7aa3d50d8a28b057db4bc945eab2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:28:50 AM UTC  (today)

File size:
221.1 KB (226,392 bytes)

Product version:
7.2.3

Copyright:
Copyright © 1996-2008 Mediafour Corporation

Original file name:
MacDrive.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\mediafour\macdrive 7\macdrive.exe

Digital Signature
Signed by:
Mediafour Corporation

Authority:
VeriSign, Inc.

Valid from:
7/13/2007 8:00:00 AM

Valid to:
9/9/2010 7:59:59 AM

Subject:
CN=Mediafour Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mediafour Corporation, L=West Des Moines, S=Iowa, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
20B6C0BFEAEE9A994EDDBAA33016984E

File PE Metadata
Compilation timestamp:
9/24/2008 3:18:29 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:PJv9ELlNDgFCid6TcsY8fIZcKQsp/fbPpgmKQfJGq0O/RWvVeyUeVLnHyN2Y9:59ogFCVIsYiIZysBpgyvN/eVBVLw

Entry address:
0x3CE8

Entry point:
48, 83, EC, 28, E8, 8F, 2E, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, D1, 18, 02, 00, FF, 15, 83, 66, 01, 00, 4C, 8B, 1D, BC, 19, 02, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, FF, 4F, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 7C, 18, 02, 00, 48, 89, 44, 24...
 
[+]

Entropy:
5.8671

Code size:
98.5 KB (100,864 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MacDrive application

Command:
"C:\Program Files\mediafour\macdrive 7\macdrive.exe"


The file MacDrive.exe has been discovered within the following programs.

MacDrive 7  by Mediafour Corporation
www.mediafour.com/products/macdrive
About 4% of users remove it
 
Powered by Should I Remove It?

Scan MacDrive.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.