prozrachni sheild.exe

Microsoft Office Help Viewer

OOO

The application prozrachni sheild.exe by OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation (signed by OOO)

Product:
Microsoft Office Help Viewer

Version:
12.0.6606.1000

MD5:
5ff94ca2a79e7b7cdc0497d81d5e437f

SHA-1:
89de2404e1f1f2850a0b7b26699fdc5cd77dd8a7

SHA-256:
541685075c19bd256497f4fd7b2f20bd2d07f8d4f8322d3aed6cbcfd76e1e445

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 4:54:09 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.16.1

File size:
914 KB (935,968 bytes)

Product version:
12.0.6606.1000

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
clview.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\prozrachni sheild.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/19/2016 3:00:00 AM

Valid to:
7/20/2017 2:59:59 AM

Subject:
CN="OOO ""TERRA BIT""", O="OOO ""TERRA BIT""", STREET="p-t Mira, 7, of.1", L=Kaliningrad, S=Kaliningradskaya, PostalCode=236022, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C2F0DDC8372EA9907FED8023E2DCAC21

File PE Metadata
Compilation timestamp:
7/21/2016 4:37:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1030

Entry point:
55, 8B, EC, 81, EC, E8, 03, 00, 00, 8B, 45, DC, 8B, 4D, DC, D3, E0, 89, 45, DC, 68, 4C, F0, 4C, 00, FF, 15, 28, D0, 49, 00, 68, 64, F0, 4C, 00, 6A, 00, FF, 15, 34, D0, 49, 00, 68, CA, 14, 00, 00, 8B, 0D, 54, CE, 4D, 00, 51, FF, 15, 40, D0, 49, 00, 85, C0, 74, 07, 33, C0, E9, 58, 02, 00, 00, 8B, 55, D0, C1, E2, D0, 89, 55, C4, 8B, 45, D4, 8B, 4D, C8, D3, E0, 89, 45, CC, 8B, 4D, C0, C1, E9, 6C, 89, 4D, C8, FF, 15, 14, D0, 49, 00, 6A, 00, FF, 15, 18, D0, 49, 00, 8B, 55, C4, C1, E2, 47, 89, 55, BC, 8B, 45, D4...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
623 KB (637,952 bytes)
