home

msvcr100.dll

Microsoft Visual Studio 2010

Taiwan Shui Mu Chih Ching Technology Limited

msvcr100_clr0400.dll is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++ and is recompiled by Taiwan Shui Mu Chih Ching Technology Limited. While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module msvcr100.dll, “Microsoft® C Runtime Library” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Microsoft Corporation  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
Microsoft® Visual Studio® 2010

Description:
Microsoft® C Runtime Library

Version:
10.00.40219.1

MD5:
644f20836efd49ca7d199c3f74717e79

SHA-1:
a2e397d40f357f4d7c17c79f0c21a97817088bed

SHA-256:
6cd9896b95aa811e0f209ea9b4d39146ded066ba563738514128528644ff2ef5

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
11/30/2024 7:50:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
17.2.8.23

File size:
755.7 KB (773,808 bytes)

Product version:
10.00.40219.1

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
msvcr100_clr0400.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\msvcr100.dll

Digital Signature
Signed by:
Taiwan Shui Mu Chih Ching Technology Limited

Authority:
GlobalSign nv-sa

Valid from:
2/24/2014 2:45:36 PM

Valid to:
2/25/2015 2:45:36 PM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=New Taipei City, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BCD23750153699E1F59ACE477A6DE070

File PE Metadata
Compilation timestamp:
2/19/2011 5:47:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x11DFC

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 0F, 84, 35, AA, 00, 00, FF, 75, 10, FF, 75, 0C, E8, 29, FF, FF, FF, 59, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 56, 57, 33, F6, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, 77, EB, FF, FF, 8B, F8, 83, C4, 0C, 85, FF, 0F, 84, 85, D3, 02, 00, 8B, C7, 5F, 5E, 5D, C3, 8B, F0, 83, F8, FF, 74, F3, EB, D7, 6A, 0D, E8, DF, EA, FF, FF, 59, C3, FF, 35, 54, 4E, B5, 78, FF, 15, 04, 10, AA, 78, 8B, F0, 56, FF, 35, B8, 48, B5, 78, FF, 15, 60, 10, AA, 78, E9, E3, E4, FF, FF, 90, 4B, 00, 45, 00...
 
[+]

Entropy:
6.9016

Code size:
709 KB (726,016 bytes)

Remove msvcr100.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.