home

vmserve.exe

Hongkong zoekyu Technology Limited

The application vmserve.exe by Hongkong zoekyu Technology Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a windows Service named “vmserve Update”.
Publisher:
Hongkong zoekyu Technology Limited  (signed and verified)

MD5:
c0338cbd6be3952cc9c35ed01fc065f9

SHA-1:
8d098516e8d7b966088a899c3c8b0a892489cc18

SHA-256:
7aaa35885f5c80a538e80003ced4066856d00af9523988ae52475e4a64aa11e2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
2/24/2025 10:55:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Yessearches (M)
17.1.20.1

File size:
286.1 KB (292,952 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\common update\vmserve update\vmserve.exe

Digital Signature
Signed by:
Hongkong zoekyu Technology Limited

Authority:
GlobalSign nv-sa

Valid from:
8/31/2015 1:52:51 PM

Valid to:
8/31/2016 1:52:51 PM

Subject:
CN=Hongkong zoekyu Technology Limited, O=Hongkong zoekyu Technology Limited, L=香港, S=香港, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A7482C0A326B72D75AEE1323E44001AB

File PE Metadata
Compilation timestamp:
1/7/2016 10:55:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1AB04

Entry point:
E8, B8, 53, 00, 00, E9, 7F, FE, FF, FF, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 70, 50, 44, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, F8, 32, 44, 00, 01, 0F, 82, D8, 58, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74...
 
[+]

Entropy:
6.4929

Code size:
205 KB (209,920 bytes)

Service
Display name:
vmserve Update

Service name:
vmserve

Description:
Enables the detection, download, and installation of updates for vmserve and other programs. If this service is disabled, users of this computer will not be able to use vmserve Update or its automatic

Type:
Win32OwnProcess, InteractiveProcess


Remove vmserve.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.