BootLogService.exe

BootLog XP

Greatis Software LLC

It runs as a Windows service named “BootlogService”.

Publisher:
Greatis Software (c) (signed by Greatis Software LLC)

Product:
BootLog XP

Description:
Bootlog XP Service

Version:
2, 0, 5, 1

MD5:
150344144889ca547932ee4aab4d3db5

SHA-1:
f0375672620ca33eda3fa571a22052af47eae2a4

SHA-256:
fd2b13d72d9b1db228c49f64d9ed3d6b570eb97d17d38cf9c86ded88acff80b1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/19/2024 2:08:02 AM UTC

Scan engine:
Clam AntiVirus

Detection:
Win.Worm.Runouce-861

Engine version:
0.98/21511

File size:
63.8 KB (65,304 bytes)

Product version:
2, 0, 5, 1

Copyright:
Copyright © 2009

Trademarks:
Bootlog XP

Original file name:
BootLogService.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\greatis\regrunsuite\bootlogservice.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
6/1/2011 5:00:00 PM

Valid to:
6/1/2016 4:59:59 PM

Subject:
CN=Greatis Software LLC, O=Greatis Software LLC, STREET=Turgeneva 1-65, L=Yaroslavl, S=Yaroslavl, PostalCode=150054, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
575425920A0FA110B23C10FD669FAE85

File PE Metadata
Compilation timestamp:
9/17/2009 4:02:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
768:HyAlY41k2Xw2UbQUIEtlTsPdfHQ5IZZkJ9o6a2oTvU+6a8:HygYn2XAltlTAHQ5InYoAoTvl63

Entry address:
0x3121

Entry point:
55, 8B, EC, 6A, FF, 68, 60, 91, 40, 00, 68, 50, 51, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, 84, 90, 40, 00, 33, D2, 8A, D4, 89, 15, C4, C3, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, C0, C3, 40, 00, C1, E1, 08, 03, CA, 89, 0D, BC, C3, 40, 00, C1, E8, 10, A3, B8, C3, 40, 00, 6A, 01, E8, 07, 28, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, AB, 00, 00, 00, 59, E8, 1B, 18, 00, 00, 85, C0, 75, 08, 6A, 10, E8, 9A, 00, 00, 00, 59, 83, 65, FC, 00...
Entropy:
5.6652

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
32 KB (32,768 bytes)

Service
Display name:
BootlogService

Type:
Win32OwnProcess, InteractiveProcess


Scan BootLogService.exe - Powered by Reason Core Security