Everstrike OOO

Publisher Information

Everstrike OOO is a software publisher located in Ulyanovsk, N/a in Russia*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Remove Everstrike OOO Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
12/17/2010 5:30:00 AM

Valid to:
1/14/2012 5:29:59 AM

Subject:
CN=Everstrike OOO, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Everstrike OOO, L=Ulyanovsk, S=n/a, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1c6febaf7115a5c4ffaeaacec3ea4ff1

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Everstrike (M), PUP.Everstrike.Installer (M)
100.00%

ByteHero BDV
Trojan.Malware.Win32.xPack.i
6.00%

CMC Antivirus
Heur.Win32.Obfuscated.1!O
2.00%

Norman
Suspicious_Gen5.ITAV
2.00%

Comodo Security
UnclassifiedMalware
2.00%

eSafe
Win32.Mental
2.00%

Clam AntiVirus
Trojan.Agent-124036
2.00%

2 / 68      (Adware)
LF37Context.DLL (LF37Context Module)  (3b212e560bd1c79a46392927d14a8a27)

1 / 68      (Adware)
lang9.dll  (1fa0ebb5d7395f106b191bdb1e0cdd58)

1 / 68      (Adware)
lang8.dll  (5647d6a6485217deb5abb0921624edd5)

1 / 68      (Adware)
lang7.dll  (9f04b4c25d92c8b123f524941a4be411)

1 / 68      (Adware)
lang6.dll  (d8d73033c321fada91230b0ad5c7fea1)

1 / 68      (Adware)
lang5.dll  (a358f3189d9d2f4fb1b6273d65f17cb4)

1 / 68      (Adware)
lang4.dll  (d5b666d44318eedfae307d8a2309e82a)

1 / 68      (Adware)
lang3.dll  (4a35a53274b74e960ecdff094bb6913f)

1 / 68      (Adware)
lang2.dll  (1329044321a9da3db5ebbc5beff48088)

1 / 68      (Adware)
lang14.dll  (33d4a88993f1b81c8cea00fdea8dde0d)

1 / 68      (Adware)
lang13.dll  (df8291cfddeb792c7d71a8d27e6b1bae)

1 / 68      (Adware)
lang12.dll  (5d6986f7dd8a27a75754f5c452591e76)

1 / 68      (Adware)
lang11.dll  (156d62059ac492b3be60c9c41c64b1e0)

1 / 68      (Adware)
lang10.dll  (b2a088be44bc126b8596222a0bcc8546)

1 / 68      (Adware)
lang1.dll  (4972c814ae8d20065c639c3df1dbf476)

1 / 68      (Adware)
lfsys64.sys (Lock Folder XP by © Everstrike Software)  (9a9865e20d5f9a2e9b1f35321d4b9656)

1 / 68      (Adware)
lfservice.exe  (5165a9f247275d7e3159d682a9cc566d)

1 / 68      (Adware)

1 / 68      (Adware)
stopusbservice64.exe  (5332a495fe56aa1db0a67db1e3f15615)

1 / 68      (Adware)
stopusbservice.exe  (103761cc02ae96c063a3dd32426adc1e)

1 / 68      (Adware)
stopusb.msi  (a97f017d6ce58621263a31364c977ae3)

1 / 68      (Adware)
StopUSB.EXE (USB Security Application)  (e7fe09566f4a6a3e0208fdd12cc87622)

1 / 68      (Adware)
ushield.exe  (1260474d9a5fb9fe117db29aa86395dd)

1 / 68      (Adware)
ushield.exe  (447348a74daf9f93341f59223fd5773c)

1 / 68      (Adware)
lockfldr.exe  (c99b9873e1c8b7ce1246ee93d107b00d)

2 / 68      (Adware)
LF37Context.DLL (LF37Context Module)  (0bd7cc17e1d6701620b6f164314c7ba6)

1 / 68      (Adware)
LF30.exe (Lock Folder XP by Everstrike Software)  (ab3870eb7775e5a774598c9c756c4ce4)

1 / 68      (Adware)
lockfldr.exe  (971c79889542203db27352b04900cac3)

1 / 68      (Adware)
escompile64.exe  (b34b2339ac4016cb64f4a139ffc2f22a)

1 / 68      (Adware)
escompile.exe  (8cb03e0de4fca4afa1f178f008c67fce)

 
Latest 30 of 101 files

The certificates below are also signed by Everstrike OOO.

49A93C592149572F4142F301F1998E04  (Jan 15, 2013 to Feb 15, 2014)

641E267F3D0313EEED9D86E2C36B2260  (Dec 29, 2011 to Jan 13, 2013)

4F047BCF18A6FDD97F5D03D2A61289D8  (Jan 21, 2010 to Jan 13, 2011)

Remove Everstrike OOO Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Everstrike OOO by VeriSign, Inc. on December 17, 2010 with the serial number '1c6febaf7115a5c4ffaeaacec3ea4ff1'.