home

RestoreDefaultServices.exe

RestoreDefaultServices.exe

Geek Squad

Publisher:
Geek Squad  (signed and verified)

Product:
RestoreDefaultServices.exe

Description:
Restores default Windows Services on XP/Vista/7

Version:
1.1.0.1356

MD5:
8fdd9e39bb3a3ec74eaa88821760de2b

SHA-1:
9e319e03983489e1d0bb0a7047a6551804dd8f9b

SHA-256:
71327919feb8694eac1674b4f0d4c282b671ac01784227c65c5afa5f892e6c48

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:06:55 AM UTC  (today)

File size:
1.1 MB (1,129,056 bytes)

Product version:
1.1.0.1356

Copyright:
Confidential Trade Secret of ©2011-2012 Best Buy Enterprise Services, Inc. For internal use only.

Original file name:
RestoreDefaultServices.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\logmein rescue applet\lmir0001.tmp\toolset\restoredefaultservices.exe

Digital Signature
Signed by:
Geek Squad

Authority:
VeriSign, Inc.

Valid from:
8/25/2009 7:00:00 PM

Valid to:
10/20/2012 6:59:59 PM

Subject:
CN=Geek Squad, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Geek Squad, L=Richfield, S=Minnesota, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
44980722CAD26153548BCFFFE3B23D73

File PE Metadata
Compilation timestamp:
7/16/2012 5:11:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:/+NHwBy6B3u7llf8SGwjq5ZoXcapCweB06BbYH84eDYARVqOp/i7:/+NQBy6B3u7bffGw427u08MWY7

Entry address:
0xB02E

Entry point:
B8, 6C, F4, 83, 01, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 3B, 2A, D6, 7B, E7, 74, F7, E2, D6, DF, CB, 5D, 80, C1, C9, 7E, 95, 30, D5, 6A, FF, 50, FA, 62, 1F, 82, 3F, 89, 38, 44, 02, 8A, FC, 3E, 7C, 0F, E6, F2, EC, AB, 42, F8, 88, 01, E3, F4, 8B, 69, 6D, A3, F9, 2D, 28, 5F, 40, 30, 75, A8, 1F, 77, 92, DA, 04, 3F, EE, C3, A8, 92, 07, 32, DB, 5E, 7F, 63, 9B, BD, EA, 6F, 53, B5, EE, EF, 0D, E4, 74, E6, 42, F3, 32, D1, AD, 7F, F5...
 
[+]

Entropy:
7.9988

Packer / compiler:
PECompact v2

Code size:
87.5 KB (89,600 bytes)

Scan RestoreDefaultServices.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.