home

USPro.exe

Universal Shield

Everstrike OOO

The application USPro.exe by Everstrike OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Everstrike Software  (signed by Everstrike OOO)

Product:
Universal Shield

Version:
4.5.0.0

MD5:
9cad00d675f16e6e99fb1df3d5d2ea20

SHA-1:
7eacfa513640cf57a4abea2022981a7dfe2b1732

SHA-256:
32f0f70c7192656be989f61163c6f5724cf8e1ecb49f739a20312384b6405a7a

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/23/2024 10:14:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.9.9

File size:
2.2 MB (2,345,312 bytes)

Product version:
4.5.0.0

Copyright:
Copyright © 2001-2011

Trademarks:
Universal Shield

Original file name:
USPro.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\universal shield\uspro.exe

Digital Signature
Signed by:
Everstrike OOO

Authority:
VeriSign, Inc.

Valid from:
12/17/2010 9:00:00 AM

Valid to:
1/14/2012 8:59:59 AM

Subject:
CN=Everstrike OOO, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Everstrike OOO, L=Ulyanovsk, S=n/a, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1C6FEBAF7115A5C4FFAEAACEC3EA4FF1

File PE Metadata
Compilation timestamp:
6/24/2011 7:07:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x46B413

Entry point:
9C, C7, 04, 24, 9D, B2, C4, 20, 68, 60, 9E, 26, F4, E9, F8, AC, FF, FF, B5, 21, 2B, DD, 40, 42, 1C, 32, C0, 25, 08, 6D, 1D, E9, 8F, 43, 1C, A2, C6, D5, 56, D5, 25, B8, BB, B0, C9, AA, 8A, 0F, F1, 51, A3, 98, 1C, E8, F8, D0, 83, 64, 9B, 8B, B8, B7, 64, B4, 13, 8B, 78, B9, 16, D3, 1F, E0, EF, 20, 0F, 86, C4, EE, 5F, E9, 81, FE, F8, 3A, 9F, 04, 1B, F7, 16, 14, 9F, 7B, 53, 8A, 4F, 1D, 38, E6, AC, AA, 78, ED, 42, 26, CB, 4D, 9E, D8, 0D, BE, 8B, 78, B9, 52, DE, C6, 35, D6, EF, 20, 0F, 88, D5, DB, FB, 85, D7, 96...
 
[+]

Entropy:
6.7134

Code size:
427 KB (437,248 bytes)

Remove USPro.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.