home

USPro.exe

Universal Shield

Everstrike OOO

The application USPro.exe by Everstrike OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Everstrike Software  (signed by Everstrike OOO)

Product:
Universal Shield

Version:
4.7.0.0

MD5:
b5c7228efc66c0445a36d3af337c3384

SHA-1:
5c364ccfc7e837e7df17979f2691c8c4df483fd0

SHA-256:
8483806ab945f5a76a6affa1fcbdb6030e8b9a13de1fb9709798c141c23b2ffd

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/19/2024 2:56:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Everstri (M)
16.5.31.4

File size:
2.3 MB (2,365,080 bytes)

Product version:
4.7.0.0

Copyright:
Copyright © 2001-2012

Trademarks:
Universal Shield

Original file name:
USPro.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\universal shield\uspro.exe

Digital Signature
Signed by:
Everstrike OOO

Authority:
VeriSign, Inc.

Valid from:
12/29/2011 12:00:00 AM

Valid to:
1/12/2013 11:59:59 PM

Subject:
CN=Everstrike OOO, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Everstrike OOO, L=Ulyanovsk, S=Ulyanovsk, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
641E267F3D0313EEED9D86E2C36B2260

File PE Metadata
Compilation timestamp:
3/17/2012 6:47:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:Mi+Gm2Lxua5+JpEPP9bUjP4vsezqRwa4kPi0g:n+Gm6P30wq6axPG

Entry address:
0x46D006

Entry point:
E8, 28, 1F, 00, 00, 8D, 64, 24, 08, 0F, 83, 13, 05, 00, 00, 60, C6, 04, 24, 30, C6, 04, 24, 14, 8D, 64, 24, 20, E9, 03, F2, FF, FF, D4, DA, 91, 0F, FB, 6C, 39, 09, 22, 39, 02, 39, 2B, 70, 8A, C4, 22, C0, 11, A5, E9, A6, A8, AA, 4F, E3, 32, EA, 1D, 0B, 2A, 6D, 2C, A2, 16, 4A, 45, 24, 7A, 33, 85, F6, 78, 5E, F8, 07, C1, 58, 5D, 4C, D0, 4D, 57, 71, DC, D4, AC, 95, A9, A4, BC, 94, 92, 65, 7B, D4, 9E, D9, F9, 64, 62, 22, 1C, C6, AB, C2, 06, FE, 3E, 3F, 47, 7F, 16, 52, E6, C3, 54, 57, E7, D6, 6A, 29, 01, FD, 59...
 
[+]

Code size:
433.5 KB (443,904 bytes)

Remove USPro.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.