home

DptfPolicyLpmServiceHelper.exe

Intel Dynamic Platform & Thermal Framework

Intel MCG PIV Tablet Validation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DptfPolicyLpmServiceHelper’.
Publisher:
Intel Corporation  (signed by Intel MCG PIV Tablet Validation)

Product:
Intel Dynamic Platform & Thermal Framework

Description:
Intel DPTF LPM Service Helper

Version:
7.0.0.0001

MD5:
115e34ce364d3e9a8f291256a9c920e7

SHA-1:
01edb4c2a303c15903dfc3c0b3f329be31425eeb

SHA-256:
dcde7ee209018373e1f66a764809b4d8bdf52193267145c9da4c658b3bceb1b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 10:15:39 AM UTC  (today)

File size:
107.4 KB (110,008 bytes)

Product version:
7.0.0.0001

Copyright:
Copyright(C) 2003-2014 Intel Corporation

Original file name:
DptfPolicyLpmServiceHelper.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\dptfpolicylpmservicehelper.exe

Digital Signature
Signed by:
Intel MCG PIV Tablet Validation

Authority:
Intel Corporation

Valid from:
11/27/2012 12:38:43 AM

Valid to:
5/16/2015 3:35:13 AM

Subject:
CN=Intel MCG PIV Tablet Validation

Issuer:
CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:
1B3B76CF0001000099AB

File PE Metadata
Compilation timestamp:
4/20/2015 12:57:42 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:c46pTT66VmZNYkrF3o/17CjeZuX+RLMrjXl:1QTWAmUkrVG1WouXgCV

Entry address:
0x275C

Entry point:
48, 83, EC, 28, E8, 5B, 21, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 30, E8, A0, 24, 00, 00, 0F, B7, F0, B9, 02, 00, 00, 00, E8, E7, 20, 00, 00, B8, 4D, 5A, 00, 00, 48, 8D, 3D, 63, D8, FF, FF, 66, 39, 05, 5C, D8, FF, FF, 74, 04, 33, DB, EB, 31, 48, 63, 05, 8B, D8, FF, FF, 48, 03, C7, 81, 38, 50, 45, 00, 00, 75, EA, B9, 0B, 02, 00, 00, 66, 39, 48, 18, 75, DF, 33, DB, 83, B8, 84, 00, 00, 00, 0E, 76, 09, 39, 98, F8, 00, 00, 00, 0F, 95, C3, 89...
 
[+]

Entropy:
5.9171

Code size:
52 KB (53,248 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DptfPolicyLpmServiceHelper

Command:
C:\Windows\System32\dptfpolicylpmservicehelper.exe


Scan DptfPolicyLpmServiceHelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.