XoftSpyService.exe

XoftspySE by ParetoLogic Inc. (Signed)

Version:	1.1.0.1
MD5:	547df50f6ab868184b7c1936ae1f527e
SHA1:	4c88e2edb7fc2030f2c9bc7d5ec309d3952032dc
SHA256:	ce9b47e707cddb367fc4d5ca102233edddd97388f89e088a402cd8e77e10624e

Overview

xoftspyservice.exe runs as a service under the name XoftSpyService with extensive SYSTEM privileges (full administrator access). The file is digitally signed by ParetoLogic Inc. which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Microsoft Windows XP (5.1.2600.131072).

Details

File name:	xoftspyservice.exe
Publisher:	ParetoLogic Inc.
Product name:	XoftspySE
Description:	XoftSpy Service
Typical file path:	C:\Program Files\common files\xoftspyse\6\xoftspyservice.exe
File version:	1.1.0.1
Product version:	6.0.0.39
Size:	568.77 KB (582,424 bytes)
Build date:	8/29/2009 12:11 AM
Certificate
Issued to:	ParetoLogic Inc.
Authority (CA):	VeriSign
Digital DNA
PE subsystem:	Windows GUI
File packed:	No
.NET CLR:	No

More details

Behaviors

Service

Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)

'XoftSpyService'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00733880%	0.028634%
Kernel CPU:	0.00411161%	0.013761%
User CPU:	0.00322719%	0.014873%
Kernel CPU time:	438 ms/min	100,923,805ms/min
Memory
Private memory:	16.8 MB	21.59 MB
Private (maximum):	22.23 MB
Private (minimum):	4.64 MB
Non-paged memory:	16.8 MB	21.59 MB
Virtual memory:	71.15 MB	140.96 MB
Virtual memory (peak):	75.21 MB	169.69 MB
Working set:	19.81 MB	18.61 MB
Working set (peak):	27.39 MB	37.95 MB
Resource allocations
Threads:	3	12
Handles:	143	600
GUI GDI count:	4	103

Process properties

Integrety level:	Undefined
Platform:	32-bit
Command line:	"C:\Program Files\common files\xoftspyse\6\xoftspyservice.exe"
Owner:	SYSTEM
Windows Service
Service name:	XoftSpyService
Description:	“Provides scanning, cleaning, and quarantining of malware items.”
Type:	Win32OwnProcess
Parent process:	services.exe (Services and Controller app by Microsoft)

Distribution by Windows OS

OS version	distribution
Microsoft Windows XP	100.00%

Distribution by PC manufacturer

PC Manufacturer	distribution
American Megatrends	100.00%

"Should I Block It?" client app is coming soon

We are still in the final stages of development and will hopefully have our 100% free client app available soon. The app will work in conjunction with your existing anti-virus program to quickly help you block potentially unwanted software from taking control of your PC.

In the meantime, if you would like to run our award winning software, "Should I Remove It?", which is designed to quickly purge your PC from unwanted programs, please download it it here, it's 100% FREE!

Featured on The Kim Komando Show, USA Today, Tom's Guide, CNET, Softonic and many more.

Remove Adware and Spyware Programs, FREE Download!

Should I block it?

Relationships