home

pw4srv.exe

O&K Print Watch

OK Software Ltd.

It runs as a separate (within the context of its own process) windows Service named “O&K Print Watch Service”.
Publisher:
O&K Software  (signed by OK Software Ltd.)

Product:
O&K Print Watch

Description:
O&K Print Watch Service

Version:
4.3.0.1666

MD5:
60c88e0c8d75b889ac369f78fe0d2ca8

SHA-1:
7e1f43a50125503202f772305b4bd98c930671cd

SHA-256:
b048e4da35c28ae1bb7767592de0d4e6e40d640651bba8e1c148bfe669531894

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 10:52:08 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
c:\users\test\appdata\local\temp\7e1f8303beccbb6fc37a4c184584159939909362 c:\users\test\appdata\loca
9.0.1.05190

File size:
2.1 MB (2,253,480 bytes)

Product version:
4.3.0.1666

Copyright:
(c) O&K Software. All rights reserved.

Original file name:
WatchSrv.exe

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Program Files\o&k print watch\pw4srv.exe

Digital Signature
Signed by:
OK Software Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/14/2007 11:41:47 AM

Valid to:
12/7/2008 11:27:27 AM

Subject:
CN=OK Software Ltd., OU=Secure Application Development, O=OK Software Ltd., L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
1A295CA5D377C1F4866748A743BFC19F

File PE Metadata
Compilation timestamp:
9/7/2008 11:33:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:hg4cZSQ0aoONny19nI9S6K3prn45cZEiFIaNtxOfMWU999SuroSH:K40Sx4Y9icZLSUxO0WUX9BN

Entry address:
0xDF4F3

Entry point:
E8, 1C, 03, 00, 00, E9, 36, FD, FF, FF, CC, FF, 25, B8, 76, 59, 00, FF, 25, C4, 76, 59, 00, 3B, 0D, 34, 10, 61, 00, 75, 02, F3, C3, E9, 8F, 03, 00, 00, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, FF, 74, 24, 10, 68, 0A, F5, 4D, 00, 68, 34, 10, 61, 00, E8, 74, 04, 00, 00, 83, C4, 18, C3, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 6A, 04, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 54, 04, 00, 00, FF, 25, 88, 75, 59, 00, FF...
 
[+]

Entropy:
6.2892

Code size:
1.6 MB (1,662,976 bytes)

Service
Display name:
O&K Print Watch Service

Type:
Win32OwnProcess

Depends on:
RPCSS Spooler


Scan pw4srv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.