prestartupworker.exe

Macecraft Software

Publisher:
Macecraft Software  (signed and verified)

MD5:
ef0f7864f71b7050bb4966b7cb4cfbd5

SHA-1:
fd540efaa6b3ef9c6cbf47ceba385f84aca13fb0

SHA-256:
ae49ecf2eec81d5969bb800ea46d66406050f281a50db16aab14e2932f3d998e

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/27/2024 7:27:59 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:AdWare.Win32.InstallCore.i!1075350952
23.00.65.15309

File size:
300.9 KB (308,112 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\jv16 powertools x\prestartupworker.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/9/2013 8:00:00 PM

Valid to:
4/10/2015 7:59:59 PM

Subject:
CN=Macecraft Software, O=Macecraft Software, STREET=Aninkaistenkatu 5 B 21, L=Turku, S=Satakunta, PostalCode=20100, C=FI

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F77AD3D6C13C25E9E5C7D518D05C531D

File PE Metadata
Compilation timestamp:
12/17/2014 12:11:14 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
6144:bmkEv1K83T3s659vADcw8Wz+A6d2JUcJMSI1eld/+tOwYCxcsSZcSY3z6gl1foSN:FU37sWADcw4Ac2OcnI1e2tACxcsecp3Z

Entry address:
0x1016C0

Entry point:
60, BE, 00, 90, 4B, 00, 8D, BE, 00, 80, F4, FF, C7, 87, F8, E9, 0C, 00, 96, 36, 98, BD, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, FD, F2, 0F, 00, 57, 83, C3, 04, 53, 68, B8, 86, 04, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
7.9874  (probably packed)

Code size:
296 KB (303,104 bytes)

Scan prestartupworker.exe - Powered by Reason Core Security