home

Matrox.PDesk.Startup.exe

StartUp Application

Matrox Graphics Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Matrox PowerDesk’.
Publisher:
Matrox Graphics Inc.  (signed and verified)

Product:
StartUp Application

Version:
01,01,0035,0808

MD5:
fb9178cdc212eeb292b257f3dd4cbf07

SHA-1:
6a65a2311fae567a0ff1d03e2661920e88bb8656

SHA-256:
97c44870cb7ac1403357d386bfdb579358d69a1dda6d82d1b0c9fb836b26bd47

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 8:25:19 PM UTC  (today)

File size:
409.8 KB (419,584 bytes)

Product version:
01,01,0035,0808

Copyright:
Copyright (c) 2008, Matrox Graphics Inc. All rights reserved.

Original file name:
Matrox.PDesk.Startup.exe

File type:
Executable application (Win32 EXE)

Language:
English (Canada)

Common path:
C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe

Digital Signature
Signed by:
Matrox Graphics Inc.

Authority:
VeriSign, Inc.

Valid from:
4/10/2008 2:00:00 AM

Valid to:
5/1/2009 1:59:59 AM

Subject:
CN=Matrox Graphics Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Matrox Graphics Inc., L=Dorval, S=Quebec, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
12999FAF6DEBC2D8F3BEAB2365B9CA3A

File PE Metadata
Compilation timestamp:
8/8/2008 9:04:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:JbEUF46EpR1KxWKZYD7lTCXstGXHQEr8jOyG0fghTzmFi3SnsAafm0H5b:D7EswrGXHQEr8jOyDfqTSvn6fRH5b

Entry address:
0x3253A

Entry point:
E8, EA, 33, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, D8, D7, 45, 00, E8, 44, 24, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, F0, 3B, 46, 00, 77, 22, 6A, 04, E8, D5, 35, 00, 00, 59, 83, 65, FC, 00, 56, E8, DC, 3D, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 50, 24, 00, 00, C3, 6A, 04, E8, D0, 34, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 0F, 87, A1, 00, 00, 00, 53, 57, 8B, 3D, 80, C1, 44, 00, 83, 3D, 74, 28, 46, 00, 00, 75, 18, E8, AC, 28, 00...
 
[+]

Code size:
296.5 KB (303,616 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Matrox PowerDesk

Command:
C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe


Scan Matrox.PDesk.Startup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.