home

msvcr100.dll

Microsoft Visual Studio 2010

Korea Network Technology Co., Ltd

msvcr100_clr0400.dll is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++ and is recompiled by Korea Network Technology Co., Ltd. While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module msvcr100.dll, “Microsoft® C Runtime Library” by Korea Network Technology Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Microsoft Corporation  (signed by Korea Network Technology Co., Ltd)

Product:
Microsoft® Visual Studio® 2010

Description:
Microsoft® C Runtime Library

Version:
10.00.30319.460

MD5:
9e8fe2240d90a331ab27a9e973a72772

SHA-1:
75a840a2dd29727d3394263975df26602f06b494

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
This is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
5/7/2024 8:18:32 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.12.23

File size:
751.1 KB (769,168 bytes)

Product version:
10.00.30319.460

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
msvcr100_clr0400.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\knt\knt_transfer\msvcr100.dll

Digital Signature
Signed by:
Korea Network Technology Co., Ltd

Authority:
Thawte, Inc.

Valid from:
10/26/2012 9:00:00 AM

Valid to:
10/27/2013 8:59:59 AM

Subject:
CN="Korea Network Technology Co., Ltd", O="Korea Network Technology Co., Ltd", L=Seongnam-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5EFE630C3BF8B3880508986E0EDD9505

File PE Metadata
Compilation timestamp:
4/22/2011 4:59:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x10844

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 0F, 84, FD, 73, 00, 00, FF, 75, 10, FF, 75, 0C, E8, 29, FF, FF, FF, 59, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 4D, 08, 85, C9, 74, 10, 6A, E0, 33, D2, 58, F7, F1, 3B, 45, 0C, 0F, 82, 17, CB, 02, 00, 0F, AF, 4D, 0C, 56, 8B, F1, 85, F6, 0F, 84, 17, CB, 02, 00, 33, C0, 83, FE, E0, 0F, 87, 12, CB, 02, 00, 56, 6A, 08, FF, 35, B0, 28, B5, 78, FF, 15, F8, 11, AA, 78, 85, C0, 0F, 84, FB, CA, 02, 00, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 57, 33, F6, 6A, 00, FF, 75, 0C, FF, 75...
 
[+]

Entropy:
6.9128

Code size:
704 KB (720,896 bytes)

Remove msvcr100.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.