home

Matrox.PDesk.Startup.exe

StartUp Application

Matrox Graphics Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Matrox PowerDesk’.
Publisher:
Matrox Graphics Inc.  (signed and verified)

Product:
StartUp Application

Version:
01,14,0183,0508

MD5:
6351338c654b84fbe4d7f541e9f811b1

SHA-1:
ff6eecefe1906f44f467837b800010171d102a87

SHA-256:
074fbd3cd9cf6fb5eb45b677904f210e5b8a30f741d4ceb8bc3cf058f81be55a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 4:55:50 PM UTC  (today)

File size:
873.3 KB (894,288 bytes)

Product version:
01,14,0183,0508

Copyright:
Copyright (c) 2008-2012, Matrox Graphics Inc. All rights reserved.

Original file name:
Matrox.PDesk.Startup.exe

File type:
Executable application (Win32 EXE)

Language:
English (Canada)

Common path:
C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe

Digital Signature
Signed by:
Matrox Graphics Inc.

Authority:
VeriSign, Inc.

Valid from:
4/23/2012 8:00:00 PM

Valid to:
4/29/2013 7:59:59 PM

Subject:
CN=Matrox Graphics Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Matrox Graphics Inc., L=Dorval, S=Quebec, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41A03245D8ABDF8F593C0834DA957B2F

File PE Metadata
Compilation timestamp:
5/8/2012 8:24:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:LBsiKSzC4WR9UmKjXd1hBizCEvuk/fzx8q7AWBBkI0pKh/pWljQ8:LB/KqyUmGzfiV+QkI0pKHWljQ8

Entry address:
0x8220F

Entry point:
E8, 34, 3B, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 78, 8C, 4C, 00, E8, 8F, 2A, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 98, 26, 4D, 00, 77, 22, 6A, 04, E8, 1F, 3D, 00, 00, 59, 83, 65, FC, 00, 56, E8, 26, 45, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 9B, 2A, 00, 00, C3, 6A, 04, E8, 1A, 3C, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 0F, 87, A1, 00, 00, 00, 53, 57, 8B, 3D, 40, 92, 4A, 00, 83, 3D, 6C, 12, 4D, 00, 00, 75, 18, E8, F7, 2E, 00...
 
[+]

Entropy:
6.2169

Code size:
672 KB (688,128 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Matrox PowerDesk

Command:
"C:\Program Files\matrox graphics\powerdesk\matrox.pdesk.startup.exe"


Scan Matrox.PDesk.Startup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.