home

Able2ExtractPro.PrnDisp.exe

Able2Extract Professional

Investintech.com Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Able2Extract Professional 11.0 Print Dispatcher’.
Publisher:
Investintech.com Inc.  (signed and verified)

Product:
Able2Extract Professional

Description:
Print Dispatcher

Version:
11.0.2

MD5:
23dfc12a3fb97b2343cd2f027c4d8ef6

SHA-1:
8125124e2a911306f60fa6e4a58c28aa8d29efe9

SHA-256:
af125a0eb668b53e9ba74d2760bb6b93ba56bc378a8ce176ddd9c1a5b30cea2a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 2:25:24 AM UTC  (today)

File size:
6.8 MB (7,127,064 bytes)

Product version:
11.0.2

Copyright:
Copyright © 2000 - 2016 Investintech.com Inc.

Original file name:
Able2ExtractPro.PrnDisp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\investintech.com inc\able2extract professional 11.0\able2extractpro.prndisp.exe

Digital Signature
Signed by:
Investintech.com Inc.

Authority:
Symantec Corporation

Valid from:
3/2/2016 9:00:00 PM

Valid to:
10/18/2017 8:59:59 PM

Subject:
CN=Investintech.com Inc., O=Investintech.com Inc., L=Toronto, S=Ontario, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
02B76A9C92937C9BEE36EE865B282874

File PE Metadata
Compilation timestamp:
12/5/2016 7:30:28 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x2A9DB0

Entry point:
E8, CE, 06, 00, 00, E9, 63, FD, FF, FF, FF, 25, 80, F3, 81, 00, FF, 25, 88, F3, 81, 00, FF, 25, 90, F3, 81, 00, 6A, 10, 68, E8, 86, 98, 00, E8, F8, 03, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, FF, 03, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, DA, FB, FF, FF...
 
[+]

Code size:
4.1 MB (4,314,624 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Able2Extract Professional 11.0 Print Dispatcher

Command:
C:\Program Files\investintech.com inc\able2extract professional 11.0\able2extractpro.prndisp.exe


Scan Able2ExtractPro.PrnDisp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.