home

DptfPolicyLpmServiceHelper.exe

Intel Dynamic Platform & Thermal Framework

Intel MCG PIV Tablet Validation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DptfPolicyLpmServiceHelper’.
Publisher:
Intel Corporation  (signed by Intel MCG PIV Tablet Validation)

Product:
Intel Dynamic Platform & Thermal Framework

Description:
Intel DPTF LPM Service Helper

Version:
7.0.0.0001

MD5:
858edea4f9b95fafc8f83da93e35518a

SHA-1:
291707e04afe90bc2b37494baf302a6c72cc7723

SHA-256:
0408cfee35c0b5f473657c74299a83a0d1701de4ef486ebc7947977911689cb0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:27:38 PM UTC  (today)

File size:
77 KB (78,800 bytes)

Product version:
7.0.0.0001

Copyright:
Copyright(C) 2003-2012 Intel Corporation

Original file name:
DptfPolicyLpmServiceHelper.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\dptfpolicylpmservicehelper.exe

Digital Signature
Signed by:
Intel MCG PIV Tablet Validation

Authority:
Intel Corporation

Valid from:
11/26/2012 10:08:43 PM

Valid to:
5/16/2015 1:05:13 AM

Subject:
CN=Intel MCG PIV Tablet Validation

Issuer:
CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:
1B3B76CF0001000099AB

File PE Metadata
Compilation timestamp:
2/11/2014 9:52:09 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:7mxRr+23TJgg53+mRO6Rs6flMy7tK9svXdPwO+Ub:KzFT+gomROss6flpisvXdPf

Entry address:
0x25CC

Entry point:
48, 83, EC, 28, E8, FF, 20, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 30, E8, 00, 24, 00, 00, 0F, B7, F0, B9, 02, 00, 00, 00, E8, 8B, 20, 00, 00, B8, 4D, 5A, 00, 00, 48, 8D, 3D, F3, D9, FF, FF, 66, 39, 05, EC, D9, FF, FF, 74, 04, 33, DB, EB, 31, 48, 63, 05, 1B, DA, FF, FF, 48, 03, C7, 81, 38, 50, 45, 00, 00, 75, EA, B9, 0B, 02, 00, 00, 66, 39, 48, 18, 75, DF, 33, DB, 83, B8, 84, 00, 00, 00, 0E, 76, 09, 39, 98, F8, 00, 00, 00, 0F, 95, C3, 89...
 
[+]

Entropy:
5.8738

Code size:
37 KB (37,888 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DptfPolicyLpmServiceHelper

Command:
C:\Windows\System32\dptfpolicylpmservicehelper.exe


Scan DptfPolicyLpmServiceHelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.