» LTSVC.exe
Overview
Analysis
File Details
Behaviors (1)

LTSVC.exe

LabTech MSP

LabTech Software

It runs as a separate (within the context of its own process) windows Service named “Hensley Elam OnGuard Service”.

File name:

LTSVC.exe

Publisher:

LabTech Software (signed and verified)

Product:

LabTech MSP

Description:

LabTech Service

Version:

41.199.4316.16885

MD5:

197dda7bd7fe68f21372fb01f3152ef4

SHA-1:

3c073f9c20f46167ef5b378fd7c1a241829473c0

SHA-256:

3ba819d11b0cb33804369961f935298bea19d4b8837f60bb029adc0c49aff01f

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/19/2024 9:57:41 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Spy.Gen

7.11.25.158

File size:

11.8 MB (12,390,728 bytes)

Product version:

3.0

Original file name:

LTSVC.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\windows\ltsvc\ltsvc.exe

Digital Signature

Signed by:

LabTech Software

Authority:

VeriSign, Inc.

Valid from:

3/23/2011 8:00:00 PM

Valid to:

3/23/2014 7:59:59 PM

Subject:

CN=LabTech Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=LabTech Software, L=Tampa, S=Florida, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

16D4D711F93CBB86F09D425D04A5D0DE

File PE Metadata

Compilation timestamp:

10/26/2011 11:45:12 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

196608:cOJF4L2Rk3CtAzu5sfa1I7GB0nSdQs/EBpKZhvgSgimMCgSXCIw1ksldw2X:/F4L2Rk3CtAzu5sfa1I7GB0nSdQs/EB8

Entry address:

0xBCE86E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3755

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

11.8 MB (12,372,480 bytes)

Service

Display name:

Hensley Elam OnGuard Service

Service name:

LTService

Description:

Hensley Elam OnGuard Service This connects this computer to the main database for monitoring and maintenance. Stopping or disabling this service will disconnect you from the monitor services, this mig

Type:

Win32OwnProcess

Scan LTSVC.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.