home

SchedInd.exe

WinTask

TaskWare

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘WTIndicator’.
Publisher:
TaskWare  (signed and verified)

Product:
WinTask

Description:
Scheduler Indicator

Version:
5,4,764,0

MD5:
44e25a34191d967a766fc90ec397c37c

SHA-1:
ca9371a7c1e1b7c34c052b9deaf149ffda82c2e8

SHA-256:
13b9b45da3285dea244127e84a37a9b50481da780007bea76ffa9c6d1907c1a6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 7:41:43 PM UTC  (today)

File size:
56.8 KB (58,112 bytes)

Product version:
5,4,764,0

Copyright:
Copyright (C) 1997-2016 TaskWare.

Original file name:
SchedInd.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\wintask\bin\schedind.exe

Digital Signature
Signed by:
TaskWare

Authority:
COMODO CA Limited

Valid from:
2/19/2014 1:00:00 AM

Valid to:
2/20/2016 12:59:59 AM

Subject:
CN=TaskWare, O=TaskWare, STREET=25 rue de Naples, L=Paris, S=Paris, PostalCode=75008, C=FR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2263288B1FC5234EF398D18DDA4F613E

File PE Metadata
Compilation timestamp:
2/4/2016 9:33:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
768:0+v0h+DPZtegVrmprY/ioa6KyLotsoQ6GyjxTQVzEaY0pvA6ACbKSFX:0J+NtegopEaoQiMsV6GcQJ1HvECGuX

Entry address:
0x4D96

Entry point:
E8, 79, 0A, 00, 00, E9, 03, FE, FF, FF, FF, 25, 80, 71, 40, 00, 3B, 0D, 10, A0, 40, 00, 75, 02, F3, C3, E9, DC, 0B, 00, 00, 83, 3D, 94, D7, 40, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, 18, 71, 40, 00, 59, 59, 8B, F0, 56, FF, 15, 4C, 70, 40, 00, A3, 94, D7, 40, 00, A3, 90, D7, 40, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, C8, 8C, 40, 00, E8, 73, 07, 00, 00, 83, 65, DC, 00, FF, 35, 94, D7, 40, 00, 8B, 35, A0, 70, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75...
 
[+]

Code size:
22 KB (22,528 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
WTIndicator

Command:
C:\Program Files\wintask\bin\schedind.exe


Scan SchedInd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.