home

vdrive.exe

DVDFab Virtual Drive

Fengtao Software Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘DVDFab VDrive’.
Publisher:
DVDFab Software  (signed by Fengtao Software Inc.)

Product:
DVDFab Virtual Drive

Description:
DVDFab Virtual Drive Tray

Version:
1.5.1.1

MD5:
dd2c2c61e0db8b10f789d0dbac3b905f

SHA-1:
bf2507e7666bf49e80555afade5611c60d990e15

SHA-256:
57412e77be545d630782d5327922233d099272a3dfff8c58fbf0d158494e7d1e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/4/2024 7:51:44 AM UTC  (today)

File size:
606.4 KB (620,904 bytes)

Product version:
1.5.1.1

Copyright:
Copyright (C) 2014 Fengtao Software

Original file name:
vdrive.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\dvdfab6 dvd copy and vidon server\dvdfab virtual drive\vdrive.exe

Digital Signature
Signed by:
Fengtao Software Inc.

Authority:
GlobalSign nv-sa

Valid from:
9/14/2015 1:09:45 PM

Valid to:
8/4/2018 11:16:57 AM

Subject:
CN=Fengtao Software Inc., O=Fengtao Software Inc., L=Beijing, S=Beijing, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E2B067DC6C4CC14498C65561316A9EAC

File PE Metadata
Compilation timestamp:
8/29/2014 5:57:38 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:dyyMLJZbb0tF5ChXBC34CFjUdC5CCVCCCCM6JnKez+k5Zy4C/IW/D5EP+:dytzmF5ChXMIwjLJnKez+eZyh/IWKP+

Entry address:
0x23CEC

Entry point:
48, 83, EC, 28, E8, CF, 8D, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 8D, 05, FD, 8F, 00, 00, 48, 8D, 0D, 46, 9B, 00, 00, 48, 89, 05, D3, 45, 02, 00, 48, 8D, 05, D8, 8F, 00, 00, 48, 89, 0D, BD, 45, 02, 00, 48, 89, 05, C6, 45, 02, 00, 48, 8D, 05, CB, 8F, 00, 00, 48, 89, 0D, D0, 45, 02, 00, 48, 89, 05, B9, 45, 02, 00, 48, 8D, 05, 52, 8F, 00, 00, 48, 89, 05, B3, 45, 02, 00, 48, 8D, 05, 68, 9A, 00, 00, 48, 89, 05, B5, 45, 02, 00, 48, 8D, 05, 4E, 8F, 00, 00, 48, 89, 05, AF, 45, 02, 00, 48, 8D, 05...
 
[+]

Entropy:
6.6501

Code size:
277 KB (283,648 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DVDFab VDrive

Command:
"C:\Program Files\dvdfab6 dvd copy and vidon server\dvdfab virtual drive\vdrive.exe"


Scan vdrive.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.