MSVCR90.DLL

Microsoft Visual Studio 2008

LionSea Software co., ltd

MSVCR90.DLL is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++ and is recompiled by LionSea Software co., ltd. While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module MSVCR90.DLL, “Microsoft® C Runtime Library” by LionSea Software co., ltd has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
Microsoft Corporation  (signed by LionSea Software co., ltd)

Product:
Microsoft® Visual Studio® 2008

Description:
Microsoft® C Runtime Library

Version:
9.00.30729.1

MD5:
d3b773460351125151e5c0de5321dcb2

SHA-1:
00a21586db12ebfc21df30b73c3b70fb51204a3b

SHA-256:
43d68decdc2002d1a3011ee01e5fbfa92460063a39d0ba41738cce1418e6f4e5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
This is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
12/24/2024 11:57:55 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.LionSea (M)
16.9.26.9

File size:
637.8 KB (653,112 bytes)

Product version:
9.00.30729.1

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
MSVCR90.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\wisefixer\msvcr90.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/7/2012 6:00:00 PM

Valid to:
2/7/2013 5:59:59 PM

Subject:
CN="LionSea Software co., ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="LionSea Software co., ltd", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C82730AFCB40651922D0DB016CEEFF7

File PE Metadata
Compilation timestamp:
7/29/2008 5:53:57 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:nhr4UCeeHTA80gIZ4BgmOEGVN9vtI0E5uO9FAOu8axPFmRyyU:Xe2g5gmO791I0E5uO9FAN9mRyyU

Entry address:
0x22D40

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A0, BF, 04, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 36, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, 8B, FF, 56, 57, 33, F6, BF, 40, BA, 5B, 78, 83, 3C, F5, C4, 70, 5B, 78, 01, 75, 1E, 8D, 04, F5, C0, 70, 5B, 78, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, E8, EC, A7, 04, 00, 59, 59, 85, C0, 74, 0C, 46, 83, FE, 24, 7C, D2, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, C0, 70, 5B, 78, 00, 33, C0, EB, F1, CC, CC, CC, CC, CC, 8B, FF, 53, 8B, 1D, 40...
 
[+]

Entropy:
6.8844

Code size:
598.5 KB (612,864 bytes)

Remove MSVCR90.DLL - Powered by Reason Core Security