home

PService.exe

PService

Daniele Gentile

The application PService.exe by Daniele Gentile has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Daniele Gentile  (signed and verified)

Product:
PService

Version:
1.0.0.0

MD5:
b079cda557581b3c1a2374028bc8f10d

SHA-1:
e9eac15b6138344a94cd14a7f87617f4788e41cf

SHA-256:
0826d0dd220357450a8193b71ab34c0d65814f5edf7551167b4bfc363291b3a6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 12:56:50 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Yontoo (M)
16.11.13.23

File size:
66.8 KB (68,384 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
PService.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\adservice\pservice.exe

Digital Signature
Signed by:
Daniele Gentile

Authority:
Symantec Corporation

Valid from:
11/10/2015 7:00:00 PM

Valid to:
11/10/2016 6:59:59 PM

Subject:
CN=Daniele Gentile, OU=Individual Developer, O=No Organization Affiliation, L=San Antonio Escazu, S=San Jose, C=CR

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4CB02417B45C2A56731C8C04E29E02C4

File PE Metadata
Compilation timestamp:
5/24/2016 4:10:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:KDQFQTcnFdwsrrkMpuDXuHcCGfCOQ0sgUi1+JlwdMBSMupfbNQZBSOxXjpFJ3phE:KNsrrvUQJXvFl7lbk

Entry address:
0x1137E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.8566

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
61 KB (62,464 bytes)

Remove PService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.