home

pastarter.exe

PowerArchiver 2017

ConeXware, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘PowerArchiver Tray’.
Publisher:
ConeXware, Inc.  (signed and verified)

Product:
PowerArchiver 2017

Description:
PowerArchiver Starter

Version:
2.0.2.1

MD5:
1cd8eccc8873b059a6cc190c109e6cca

SHA-1:
8ad6fd8df4be84c2b40f508839bfee9e1cdbc600

SHA-256:
a7e040267ee90416ccd864e3ef7045578a83d777e2edb15ba419e013680fec8b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:38:55 PM UTC  (today)

File size:
1.9 MB (1,990,832 bytes)

Product version:
2.0

Copyright:
Copyright(c) 1998-2017 ConeXware, Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\powerarchiver\pastarter.exe

Digital Signature
Signed by:
ConeXware, Inc.

Authority:
DigiCert Inc

Valid from:
11/15/2016 1:00:00 AM

Valid to:
11/20/2017 1:00:00 PM

Subject:
CN="ConeXware, Inc.", O="ConeXware, Inc.", L=Reston, S=Virginia, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
05BDB31BFBE8C050FBAA10ED23A0F84F

File PE Metadata
Compilation timestamp:
1/30/2017 3:46:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x199AD4

Entry point:
55, 8B, EC, 83, C4, E0, B8, EC, 0D, 59, 00, E8, 2C, 3B, E7, FF, A1, 1C, DC, 59, 00, 8B, 00, E8, 3C, 22, FE, FF, 8B, 0D, 30, DE, 59, 00, A1, 1C, DC, 59, 00, 8B, 00, 8B, 15, 00, C4, 58, 00, E8, 3C, 22, FE, FF, 8B, 0D, DC, DD, 59, 00, A1, 1C, DC, 59, 00, 8B, 00, 8B, 15, EC, B5, 58, 00, E8, 24, 22, FE, FF, A1, 1C, DC, 59, 00, 8B, 00, C6, 40, 6F, 00, A1, 1C, DC, 59, 00, 8B, 00, 8B, 80, 88, 01, 00, 00, 89, 45, EC, 6A, EC, 8B, 45, EC, 50, E8, 3E, 77, E7, FF, 89, 45, E8, 8B, 45, E8, A3, C0, A6, 5B, 00, A1, 1C, DC...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.6 MB (1,673,216 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PowerArchiver Tray

Command:
C:\Program Files\powerarchiver\pastarter.exe


Scan pastarter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.