» id_bglaunch.exe
Overview
Analysis
File Details
Behaviors (1)

id_bglaunch.exe

IDrive

Pro Softnet Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDrive Background process’.

File name:

id_bglaunch.exe

Publisher:

Prosoftnet (signed by Pro Softnet Corporation)

Product:

IDrive

Description:

IDrive Background

Version:

6.5.1.0

MD5:

ac39529e0f0d956c02d0ba7f5b42997a

SHA-1:

376f7054f9a215bdddfa600fd2f3400e30341888

SHA-256:

c3633399c1e64b015473d3e14aa9b61728d2a58bddfa6852905bf1339f6593b2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/12/2025 2:30:42 PM UTC (today)

File size:

71.7 KB (73,448 bytes)

Product version:

6.5.1.0

Original file name:

id_bglaunch.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\idrivewindows\id_bglaunch.exe

Digital Signature

Signed by:

Pro Softnet Corporation

Authority:

thawte, Inc.

Valid from:

1/20/2016 7:00:00 PM

Valid to:

2/13/2018 6:59:59 PM

Subject:

CN=Pro Softnet Corporation, OU=IT, O=Pro Softnet Corporation, L=Calabasas, S=California, C=US

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

65308A80227C96C224AE729EC0096CCC

File PE Metadata

Compilation timestamp:

5/4/2016 7:32:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

Entry address:

0x53FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.7483

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

13.5 KB (13,824 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

IDrive Background process

Command:

"C:\Program Files\idrivewindows\id_bglaunch.exe" min

Scan id_bglaunch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.