home

FRTask.EXE

FastRestore

Chongqing XIA Software Technology, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FRTask’.
Publisher:
XIASOFT TECH CO.,LTD.  (signed by Chongqing XIA Software Technology, Inc.)

Product:
FastRestore

Description:
FastRestore Task Moudle

Version:
3, 2, 0, 38

MD5:
d592fbcee4115baf0e6e66292a9112e5

SHA-1:
5ed88a18ad74437dc00cf7e31f922c0b9d95248a

SHA-256:
be03438bbd9952e345f1df651f9e0c5d04376919c47bd798623bf56260d4d0fc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/27/2025 12:39:06 AM UTC  (today)

File size:
107.5 KB (110,128 bytes)

Product version:
3, 2, 0, 38

Copyright:
Copyright(C) XIASOFT TECH CO.,LTD. All Rights Reserved.

Original file name:
FRTask.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\xia soft\fastrestore\frtask.exe

Digital Signature
Signed by:
Chongqing XIA Software Technology, Inc.

Authority:
VeriSign, Inc.

Valid from:
9/4/2014 8:00:00 AM

Valid to:
10/4/2015 7:59:59 AM

Subject:
CN="Chongqing XIA Software Technology, Inc.", O="Chongqing XIA Software Technology, Inc.", L=ChongQing, S="Yubei District, ChongQing", C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5FB8EFB9E3FE2F857CD9DCA04991C66F

File PE Metadata
Compilation timestamp:
9/13/2014 10:51:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:tVicrR9N58uYdvAdP5tbM/H7IHW19+319+OSeQaAR8BxER:tVXRRPYd4dP5tiH7IHy9+F9+OwR8BG

Entry address:
0xAEF2

Entry point:
55, 8B, EC, 6A, FF, 68, A8, CC, 40, 00, 68, 18, B2, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, A0, C3, 40, 00, 59, 83, 0D, 00, 0F, 41, 00, FF, 83, 0D, 04, 0F, 41, 00, FF, FF, 15, 9C, C3, 40, 00, 8B, 0D, F4, 0E, 41, 00, 89, 08, FF, 15, 98, C3, 40, 00, 8B, 0D, F0, 0E, 41, 00, 89, 08, A1, 94, C3, 40, 00, 8B, 00, A3, FC, 0E, 41, 00, E8, B4, 02, 00, 00, 39, 1D, 68, 06, 41, 00, 75, 0C, 68, 14, B2, 40, 00, FF, 15...
 
[+]

Entropy:
5.6144

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
44 KB (45,056 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FRTask

Command:
C:\Program Files\xia soft\fastrestore\frtask.exe


Scan FRTask.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.