home

Schedule.EXE

HD革命/DISK Mirror

Ark Information Systems inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DiskMirror Startup’.
Publisher:
株式会社アーク情報システム  (signed by Ark Information Systems inc.)

Product:
HD革命/DISK Mirror

Description:
HD革命/DISK Mirror Version 3.0.3

Version:
3, 0, 3, 0

MD5:
559825a897d00269fabdb0beb8e4f748

SHA-1:
ddacacfe3d50298358b8a2f19ff072833212f8d6

SHA-256:
324d85c2365f82101188077cc7acc5f32c3e100ea5861f7d8ccb4acfaa33c596

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:43:46 PM UTC  (today)

File size:
2.1 MB (2,201,472 bytes)

Product version:
3, 0, 3, 0

Copyright:
Copyright (C) 2006-2013 株式会社アーク情報システム

Trademarks:
HD革命(R)

Original file name:
Schedule.EXE

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\ark information systems inc\diskmirror3\schedule.exe

Digital Signature
Signed by:
Ark Information Systems inc.

Authority:
VeriSign, Inc.

Valid from:
7/2/2012 9:00:00 AM

Valid to:
7/3/2013 8:59:59 AM

Subject:
CN=Ark Information Systems inc., OU=KH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ark Information Systems inc., L=Chiyoda-Ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
323B26493C61AD6083EBD73AF0898092

File PE Metadata
Compilation timestamp:
6/14/2013 11:26:57 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x57790

Entry point:
48, 83, EC, 28, E8, 17, 75, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 30, 4D, 85, C9, 49, 8B, D9, 49, 8B, F0, 48, 8B, FA, 74, 52, 48, 85, C9, 75, 38, E8, 59, 43, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, C7, 44, 24, 20, 00, 00, 00, 00, C7, 00, 16, 00, 00, 00, E8, 2B, 76, 00, 00, B8, 16, 00, 00, 00, 48, 8B, 5C, 24, 40, 48, 8B, 74, 24, 48, 48, 83, C4, 30, 5F, C3, 4D, 85, C0, 74, 22, 48...
 
[+]

Entropy:
6.7682

Code size:
475.5 KB (486,912 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DiskMirror Startup

Command:
"C:\Program Files\ark information systems inc\diskmirror3\schedule.exe"


Scan Schedule.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.