home

ntserv.exe

Rohos Disk, Rohos Logon Key

Tesline-Service s.r.l.

It runs as a separate (within the context of its own process) windows Service named “Rohos Logon Key service”.
Publisher:
Tesline-Service SRL  (signed by Tesline-Service s.r.l.)

Product:
Rohos Disk®, Rohos Logon Key®

Description:
Rohos Welcome Screen support service.

Version:
1.9.1

MD5:
c642ce106e39f63f5fd934fdac7a7d66

SHA-1:
be5cce9ecda06aa6729adda0e87deedd2725f9ca

SHA-256:
9b7e8e48deeb91eee05623f447b7f15f2541f51b4235d14db004067b47cb9e60

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 6:08:36 AM UTC  (today)

File size:
88 KB (90,144 bytes)

Product version:
1.1.2005

Copyright:
(c) Tesline-service. 2003-2015.

Original file name:
Rohos NTServ.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\rohos\ntserv.exe

Digital Signature
Signed by:
Tesline-Service s.r.l.

Authority:
GlobalSign nv-sa

Valid from:
11/20/2014 4:16:25 AM

Valid to:
2/20/2018 4:16:25 AM

Subject:
CN=Tesline-Service s.r.l., OU=Rohos, O=Tesline-Service s.r.l., L=Chisinau, C=MD

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112147039D3A8FFEE281C3FDDF38A29D6B10

File PE Metadata
Compilation timestamp:
2/15/2017 12:59:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

Entry address:
0x9A73

Entry point:
E8, 6C, 04, 00, 00, E9, 9E, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 28, 54, 41, 00, 89, 0D, 24, 54, 41, 00, 89, 15, 20, 54, 41, 00, 89, 1D, 1C, 54, 41, 00, 89, 35, 18, 54, 41, 00, 89, 3D, 14, 54, 41, 00, 66, 8C, 15, 40, 54, 41, 00, 66, 8C, 0D, 34, 54, 41, 00, 66, 8C, 1D, 10, 54, 41, 00, 66, 8C, 05, 0C, 54, 41, 00, 66, 8C, 25, 08, 54, 41, 00, 66, 8C, 2D, 04, 54, 41, 00, 9C, 8F, 05, 38, 54, 41, 00, 8B, 45, 00, A3, 2C, 54, 41, 00, 8B, 45, 04, A3, 30, 54, 41, 00, 8D, 45, 08, A3, 3C, 54, 41, 00, 8B...
 
[+]

Entropy:
5.7504

Code size:
40 KB (40,960 bytes)

Service
Display name:
Rohos Logon Key service

Service name:
Rohos

Type:
Win32OwnProcess

Group:
UIGroup


Scan ntserv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.