home

Matrox.PDesk.Startup.exe

StartUp Application

Matrox Graphics Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Matrox PowerDesk’.
Publisher:
Matrox Graphics Inc.  (signed and verified)

Product:
StartUp Application

Version:
01,08,2820,0215

MD5:
9086b3dc1f3b2ae718dc6d37dc098789

SHA-1:
a612ff814f017f013dafddad009a93ee07b69cb7

SHA-256:
264a6a8c6d0b215bc5aea6cb90ed0c41d7c56a25522b46dc6dbbecc0130e7a5e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:56:42 PM UTC  (today)

File size:
827.3 KB (847,176 bytes)

Product version:
01,08,2820,0215

Copyright:
Copyright (c) 2008-2011

Original file name:
Matrox.PDesk.Startup.exe

File type:
Executable application (Win32 EXE)

Language:
English (Canada)

Common path:
C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe

Digital Signature
Signed by:
Matrox Graphics Inc.

Authority:
VeriSign, Inc.

Valid from:
4/24/2010 8:00:00 PM

Valid to:
4/30/2011 7:59:59 PM

Subject:
CN=Matrox Graphics Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Matrox Graphics Inc., L=Dorval, S=Quebec, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
69395CBFA9043D35D49F3D376A10A852

File PE Metadata
Compilation timestamp:
2/15/2011 2:56:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:xEmoRjRazrJkxIUVDzWS/ps0ZnDbraSYDTraM:j8azr2JzWUm0ZH5YDTraM

Entry address:
0x7995D

Entry point:
E8, C6, 3A, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 60, F5, 4B, 00, E8, 21, 2A, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 58, 85, 4C, 00, 77, 22, 6A, 04, E8, B1, 3C, 00, 00, 59, 83, 65, FC, 00, 56, E8, B8, 44, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 2D, 2A, 00, 00, C3, 6A, 04, E8, AC, 3B, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 0F, 87, A1, 00, 00, 00, 53, 57, 8B, 3D, 18, 02, 4A, 00, 83, 3D, 6C, 71, 4C, 00, 00, 75, 18, E8, 89, 2E, 00...
 
[+]

Entropy:
6.2050

Code size:
633.5 KB (648,704 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Matrox PowerDesk

Command:
"C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe"


Scan Matrox.PDesk.Startup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.