home

Able2ExtractPro.PrnDisp.exe

Able2Extract Professional

Investintech.com Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Able2Extract Professional 10.0 Print Dispatcher’.
Publisher:
Investintech.com Inc.  (signed and verified)

Product:
Able2Extract Professional

Description:
Print Dispatcher

Version:
10.0.6

MD5:
c3af40adb617272161db344e5de21058

SHA-1:
7dff013dbc376c15966f84152114d347a6252a25

SHA-256:
e4875af01c43fbaecce05efa7949c9da3750af03a9093b7ea202039a9b4986f3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 3:37:12 AM UTC  (today)

File size:
5 MB (5,274,472 bytes)

Product version:
10.0.6

Copyright:
Copyright © 2000 - 2016 Investintech.com Inc.

Original file name:
Able2ExtractPro.PrnDisp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\investintech.com inc\able2extract professional 10.0\able2extractpro.prndisp.exe

Digital Signature
Signed by:
Investintech.com Inc.

Authority:
VeriSign, Inc.

Valid from:
8/20/2014 7:00:00 AM

Valid to:
10/19/2017 6:59:59 AM

Subject:
CN=Investintech.com Inc., O=Investintech.com Inc., L=Toronto, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A1CA0035869752FEDB70357DD081EAA

File PE Metadata
Compilation timestamp:
1/29/2016 5:15:48 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x1C2860

Entry point:
E8, CE, 06, 00, 00, E9, 63, FD, FF, FF, FF, 25, 78, C3, 71, 00, FF, 25, 80, C3, 71, 00, 6A, 10, 68, 08, 8D, 7E, 00, E8, FE, 03, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, 05, 04, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, E0, FB, FF, FF, C3, 50, 64, FF, 35, 00...
 
[+]

Entropy:
6.4590

Code size:
3.1 MB (3,254,272 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Able2Extract Professional 10.0 Print Dispatcher

Command:
C:\Program Files\investintech.com inc\able2extract professional 10.0\able2extractpro.prndisp.exe


Scan Able2ExtractPro.PrnDisp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.