home

pwcRoute.exe

PrintWhere 4.5

PrinterOn Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PrintWhere Router 4.5’.
Publisher:
PrinterOn Corporation  (signed by PrinterOn Inc)

Product:
PrintWhere 4.5

Description:
PrintWhere 4.5 Router

Version:
4.5AI

MD5:
8acb00d9d89dc69e63dc942d36f1a123

SHA-1:
b367a1a415f930639a42a2fc3ecc78c6e4365787

SHA-256:
d3cefe9e6227306796238bf3ba9d84f49939da154423c365a4bc3d811ee4f917

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:12:21 PM UTC  (today)

File size:
844.5 KB (864,760 bytes)

Product version:
4.5AI

Copyright:
© 2000-2013 PrinterOn Corporation

Original file name:
pwcRoute.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\printeron corporation\printwhere 4.5\pwcroute.exe

Digital Signature
Signed by:
PrinterOn Inc

Authority:
Thawte, Inc.

Valid from:
8/26/2013 2:00:00 AM

Valid to:
9/10/2014 1:59:59 AM

Subject:
CN=PrinterOn Inc, O=PrinterOn Inc, L=Kitchener, S=Ontario, C=CA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1DAE0232E85A8E7EB6E0B3B79F4A89B0

File PE Metadata
Compilation timestamp:
9/27/2013 3:41:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:nA7aQ758XJUTnsT2Kx/jgPzRobX1WF14OchOTijRX2swqmQ8FH1RPr2:AJ75RTsT2K9jqFogdTijRX2stXuLz

Entry address:
0x4024F

Entry point:
E8, 94, B4, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, 76, 46, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 6B, 18, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 4D, 07, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, DC, 10, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, 27, 46, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD...
 
[+]

Code size:
468 KB (479,232 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PrintWhere Router 4.5

Command:
C:\Program Files\printeron corporation\printwhere 4.5\pwcroute.exe


Scan pwcRoute.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.