home

FRTask.EXE

FastRestore

Chongqing XIA Software Technology, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FRTask’.
Publisher:
XIASOFT TECH CO.,LTD.  (signed by Chongqing XIA Software Technology, Inc.)

Product:
FastRestore

Description:
FastRestore Task Moudle

Version:
3, 2, 0, 38

MD5:
104692d756a71963e55ff1b7d770f0f4

SHA-1:
d029d3a7981c80003a8218f11ac00ea03904ecbd

SHA-256:
dae53356be2c37b095b51c6916a771c7978ddabec083a0886080cb2d813658f6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/26/2025 11:59:57 PM UTC  (a few moments ago)

File size:
135.5 KB (138,776 bytes)

Product version:
3, 2, 0, 38

Copyright:
Copyright(C) XIASOFT TECH CO.,LTD. All Rights Reserved.

Original file name:
FRTask.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\xia soft\fastrestore\frtask.exe

Digital Signature
Signed by:
Chongqing XIA Software Technology, Inc.

Authority:
VeriSign, Inc.

Valid from:
9/4/2014 7:00:00 AM

Valid to:
10/4/2015 6:59:59 AM

Subject:
CN="Chongqing XIA Software Technology, Inc.", O="Chongqing XIA Software Technology, Inc.", L=ChongQing, S="Yubei District, ChongQing", C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5FB8EFB9E3FE2F857CD9DCA04991C66F

File PE Metadata
Compilation timestamp:
5/29/2015 7:59:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:uZKEtKAc48ubaE0EJJfgQ/dVqkxNa4abyhIzltxQhQ:uZKsKAjPbaKgQ/dVqkxNlQyhIzltaC

Entry address:
0xB088

Entry point:
55, 8B, EC, 6A, FF, 68, A8, CC, 40, 00, 68, B8, B3, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, A4, C3, 40, 00, 59, 83, 0D, 70, 0F, 41, 00, FF, 83, 0D, 74, 0F, 41, 00, FF, FF, 15, A0, C3, 40, 00, 8B, 0D, 64, 0F, 41, 00, 89, 08, FF, 15, 9C, C3, 40, 00, 8B, 0D, 60, 0F, 41, 00, 89, 08, A1, 98, C3, 40, 00, 8B, 00, A3, 6C, 0F, 41, 00, E8, BE, 02, 00, 00, 39, 1D, D8, 06, 41, 00, 75, 0C, 68, B4, B3, 40, 00, FF, 15...
 
[+]

Entropy:
5.1024

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
44 KB (45,056 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FRTask

Command:
C:\Program Files\xia soft\fastrestore\frtask.exe


Scan FRTask.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.