home

FRTask.EXE

FastRestore

Chongqing XIA Software Technology, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FRTask’.
Publisher:
XIASOFT TECH CO.,LTD.  (signed by Chongqing XIA Software Technology, Inc.)

Product:
FastRestore

Description:
FastRestore Task Moudle

Version:
3, 2, 0, 38

MD5:
d0a87fa8cd0496142e9a7f5bd4bc3766

SHA-1:
6b676730ad5b5afdf8a3bdcb1b9d4bfed96cf416

SHA-256:
6f0e6151d304a89e558b248788baccefa6f1a0bae490a04ec5ce8d60b917d25a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/27/2025 12:20:10 AM UTC  (today)

File size:
107.5 KB (110,104 bytes)

Product version:
3, 2, 0, 38

Copyright:
Copyright(C) XIASOFT TECH CO.,LTD. All Rights Reserved.

Original file name:
FRTask.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\xia soft\fastrestore\frtask.exe

Digital Signature
Signed by:
Chongqing XIA Software Technology, Inc.

Authority:
VeriSign, Inc.

Valid from:
9/4/2014 8:00:00 AM

Valid to:
10/4/2015 7:59:59 AM

Subject:
CN="Chongqing XIA Software Technology, Inc.", O="Chongqing XIA Software Technology, Inc.", L=ChongQing, S="Yubei District, ChongQing", C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5FB8EFB9E3FE2F857CD9DCA04991C66F

File PE Metadata
Compilation timestamp:
5/4/2015 9:44:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:xw8wxlPs7lgQ6RR9wmcyhIWy9+F9+OwR8Bd:xw8wxhwgQJny9PwR0

Entry address:
0xAF92

Entry point:
55, 8B, EC, 6A, FF, 68, A8, CC, 40, 00, 68, B8, B2, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, A0, C3, 40, 00, 59, 83, 0D, 70, 0F, 41, 00, FF, 83, 0D, 74, 0F, 41, 00, FF, FF, 15, 9C, C3, 40, 00, 8B, 0D, 64, 0F, 41, 00, 89, 08, FF, 15, 98, C3, 40, 00, 8B, 0D, 60, 0F, 41, 00, 89, 08, A1, 94, C3, 40, 00, 8B, 00, A3, 6C, 0F, 41, 00, E8, B4, 02, 00, 00, 39, 1D, D8, 06, 41, 00, 75, 0C, 68, B4, B2, 40, 00, FF, 15...
 
[+]

Entropy:
5.6221

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
44 KB (45,056 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FRTask

Command:
C:\Program Files\xia soft\fastrestore\frtask.exe


Scan FRTask.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.