home

epowertray.exe

Power Management

Acer Incorporated

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Power Management’.
Publisher:
Acer Incorporated  (signed and verified)

Product:
Power Management

Description:
ePowerTray

Version:
6, 0, 3010, 0

MD5:
218a138aef824bd17cfaacf5bb79857a

SHA-1:
9dc14075010097853fd38ec4a515207c347da21a

SHA-256:
df82cf522847f930a26a438096c32a34f448a89f28ba4c681f396f0c25b96e28

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 11:25:58 AM UTC  (today)

File size:
1.7 MB (1,829,768 bytes)

Product version:
6, 0, 3010, 0

Copyright:
(C) All rights reserved

Original file name:
ePowerTray

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\packard bell\packard bell power management\epowertray.exe

Digital Signature
Signed by:
Acer Incorporated

Authority:
VeriSign, Inc.

Valid from:
9/3/2010 3:00:00 AM

Valid to:
9/14/2013 2:59:59 AM

Subject:
CN=Acer Incorporated, OU=OS Certification Dept., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Acer Incorporated, L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0AD6DAF14C6BE378C0E52AA780D2BC0C

File PE Metadata
Compilation timestamp:
2/7/2012 12:36:40 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x73C30

Entry point:
48, 83, EC, 28, E8, 37, 30, 01, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 83, EC, 38, 48, 85, C9, 4C, 8B, C9, 74, 0E, 48, 85, D2, 74, 09, 4D, 85, C0, 75, 3A, 66, 44, 89, 01, E8, 91, 09, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, C7, 44, 24, 20, 00, 00, 00, 00, C7, 00, 16, 00, 00, 00, E8, 93, D5, FF, FF, B8, 16, 00, 00, 00, 48, 83, C4, 38, C3, 66, 66, 90, 66, 66, 90, 66, 66, 90, 41, 0F, B7, 00, 48, 83, C1, 02, 49, 83, C0, 02, 66, 85, C0, 66...
 
[+]

Code size:
978.5 KB (1,001,984 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Power Management

Command:
C:\Program Files\packard bell\packard bell power management\epowertray.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.