home

oem.exe

poorvirus

The application oem.exe has been detected as a potentially unwanted program by 41 anti-malware scanners.
Product:
poorvirus

Version:
1.00

MD5:
8fd92e025a374794c512de791b2f64b8

SHA-1:
07816c461c71879a8a4c54f29981aead1781d6f4

SHA-256:
b09815ba22efd8e3250723ac3f1dae4785a3c763e818e054ed45bc63071b6c3e

Scanner detections:
41 / 68

Status:
Potentially unwanted

Analysis date:
4/18/2024 7:32:56 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Backdoor.Agent.1
-41

Agnitum Outpost
Trojan.VBGent.Gen.81
7.1.1

AhnLab V3 Security
Trojan/Win32.Swisyn
2015.07.04

Avira AntiVirus
TR/Patched.Ren.Gen
8.3.1.6

Arcabit
Backdoor.Agent.1
1.0.0.425

avast!
Win32:Rootkit-gen [Rtk]
2014.9-170316

AVG
Generic16
2018.0.2437

Baidu Antivirus
Adware.Win32.Agent
4.0.3.17316

Bitdefender
Backdoor.Agent.1
1.0.20.375

Bkav FE
W32.FakeWinlogonXIA.Trojan
1.3.0.6979

Clam AntiVirus
Win.Trojan.Swisyn-2823
0.98/21511

Comodo Security
Heur.Suspicious
22662

Dr.Web
Trojan.KillFiles.12035
9.0.1.075

Emsisoft Anti-Malware
Backdoor.Agent
8.17.03.16.01

ESET NOD32
Win32/VB.NUV
11.11888

Fortinet FortiGate
W32/Swisyn.UBP!tr
3/16/2017

F-Prot
W32/VBTrojan.17E
v6.4.7.1.166

F-Secure
Backdoor.Agent.1
11.2017-16-03_5

G Data
Backdoor.Agent
17.3.25

IKARUS anti.virus
Trojan.Win32.Swisyn
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.205.16459

Kaspersky
Trojan.Win32.Swisyn
14.0.0.-1318

Malwarebytes
Trojan.PoorVirus
v2017.03.16.01

McAfee
Generic VB.zzr
5600.6093

Microsoft Security Essentials
Worm:Win32/Roopirs.A
1.1.11804.0

MicroWorld eScan
Backdoor.Agent.1
18.0.0.225

NANO AntiVirus
Trojan.Win32.Vb.btqbl
0.30.24.2320

nProtect
Trojan/W32.Swisyn.139264.M
15.07.03.02

Panda Antivirus
Trj/Genetic.gen
17.03.16.01

Qihoo 360 Security
Win32/Backdoor.0c1
1.0.0.1015

Quick Heal
Trojan.VB.Gen
3.17.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.128770F1!310866161
23.00.65.17314

Sophos
Mal/VB-F
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Poorv
8532

Total Defense
Win32/SillyAutorun.EYX
37.1.62.1

Trend Micro House Call
TROJ_SWISYN.AJ
7.2.75

Trend Micro
TROJ_SWISYN.AJ
10.465.16

Vba32 AntiVirus
Trojan.VBRA.04943
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Swisyn.ubp
41694

ViRobot
Trojan.Win32.Swisyn.36864.C[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Swisyn.Win32.25583
2.0.0.2268

File size:
136 KB (139,264 bytes)

Product version:
1.00

Original file name:
photos.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\adobe\oem.exe

File PE Metadata
Compilation timestamp:
5/25/2055 11:40:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x14CC

Entry point:
68, F8, 24, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 78, FA, 71, 86, DE, B4, 80, 40, A7, BC, 90, 4B, E7, 23, 3E, 2E, 00, 00, 00, 00, 00, 00, 01, 00, 40, 00, 20, 20, 44, 69, 6D, 20, 64, 69, 73, 6B, 63, 6C, 65, 61, 6E, 65, 72, 00, 6C, 64, 65, 72, 00, 00, 00, 00, FF, CC, 31, 00, 01, 5C, 6E, 68, 95, AD, DA, 6F, 46, B9, 2F, E5, 3C, 64, 36, C1, A6, 1A, AF, 92, E8, 43, E0, 4F, 4B, 89, 0C, 66, B3, 40, BA, 0B, 54, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
1.3183

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
20 KB (20,480 bytes)

Remove oem.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.