» LSSrvc.exe
Overview
Analysis
File Details
Behaviors (1)

LSSrvc.exe

LightScribe

Hewlett-Packard Company

The executable LSSrvc.exe, “LightScribe Service” has been detected as malware by 16 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “LightScribeService Direct Disc Labeling Service”.

File name:

LSSrvc.exe

Publisher:

Hewlett-Packard Company (signed and verified)

Product:

LightScribe

Description:

LightScribe Service

Version:

1.10.13.1

MD5:

3dcd3b3f471483577d0848edd54a1e2b

SHA-1:

c140ea302f5ffc51bb9f664f1c21e189df22f73e

SHA-256:

e928fae8c9ee4cc2b976c44385cec50404fe06eaa90b2d6a32b10cead3e1cf5f

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

4/19/2024 9:04:50 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.A

5813612

avast!

Win32:Parite

160121-0

AVG

Win32/Parite

2015.0.4489

Boost by Reason

Optional.HewlettPackardCompany.Service

188838

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/21293

Dr.Web

Win32.Parite.1

9.0.1.05190

Emsisoft Anti-Malware

Win32.Parite

10.0.0.5366

ESET NOD32

Win32/Parite.A virus

7.0.302.0

F-Prot

W32/Parite.A

4.6.5.141

F-Secure

Win32.Parite.A

5.15.21

Kaspersky

Virus.Win32.Parite

15.0.0.562

McAfee

Virus.W32/Pate.a

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.213.3850.0

Norman

Win32.Parite.A

11.01.2016 17:30:26

Sophos

Virus 'W32/Parite-A'

5.22

VIPRE Antivirus

Threat.46248

46444

File size:

253.8 KB (259,844 bytes)

Original file name:

LSSrvc.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\common files\lightscribe\lssrvc.exe

Digital Signature

Signed by:

Hewlett-Packard Company

Authority:

VeriSign, Inc.

Valid from:

4/28/2006 7:00:00 AM

Valid to:

6/7/2009 6:59:59 AM

Subject:

CN=Hewlett-Packard Company, OU=LightScribe, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hewlett-Packard Company, L=Corvallis, S=Oregon, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

42E6A08CD4FC481AB565C4947FCA513B

File PE Metadata

Compilation timestamp:

8/24/2007 7:32:23 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

CTPH (ssdeep):

6144:Ksp2ohtUTQzSTOMbaYuVvRscjnN+K9mT4fSQQcBY6T+Jqp:JpZSfevOMcT4fSQR2FG

Entry address:

0x12000

Entry point:

68, 01, 65, 3F, 00, 58, 68, 1E, 20, 41, 00, 5E, BA, C4, 06, 00, 00, FF, 34, 32, 31, 04, 24, 8F, 04, 32, 83, EA, 04, 75, F2, 90, 90, 90, E9, 18, 3E, 00, 01, 65, 3F, 00, 01, 65, 7F, 00, F1, 1A, 3F, 00, 21, 50, 3E, 00, 05, 22, 3E, 00, 01, D5, 3D, 00, 00, 65, 3F, 00, 5D, C5, 7F, 00, 51, 8E, 7F, 00, 57, 9E, 7F, 00, E9, 87, 3F, 00, 4F, 8E, 3F, 00, 55, 9E, 3F, 00, 5D, C5, 3F, 00, 4F, 8E, 3F, 00, 55, 9E, 3F, 00, 01, 65, 3F, 00, 01, 65, 3F, 00, 01, 65, 3F, 00, 01, 65, 3F, 00, 01, 65, 3F, 00, 01, 65, 3F, 00, 01, 65... 
[+]

Entropy:

7.4351

Packer / compiler:

ASProtect v1.2

Code size:

36 KB (36,864 bytes)

Service

Display name:

LightScribeService Direct Disc Labeling Service

Service name:

LightScribeService

Description:

Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScr

Type:

Win32OwnProcess

Remove LSSrvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.