OOO PREM”ER-SERVIS – 11% Anti-Virus Detection Rate – InstallCore

Welcome! I was playing around and testing some downloads when I found a file digitally signed by OOO PREM”ER-SERVIS. The OOO PREM”ER-SERVIS certificate shows that the publisher is located in Moscow, Russia.

OOO PREM''ER-SERVIS certificate

The problem here is that if adobe_flash_setup.exe really was an installer file for Adobe Flash Player, it should have been signed by Adobe Systems Incorporated and not by some unknown company. Here’s how the authentic Adobe Flash Player looks like when you double click on it. Notice that the “Verified publisher” says “Adobe Systems Incorporated”.
Adobe Systems Incorporated - Adobe Flashplayer Installer

Right now, 6 of the antimalware scanners detected the file. Some of the detection names for the adobe_flash_setup.exe file are Adware/InstallCore.783896, a variant of Win32/InstallCore.WX potentially unwanted, Trojan ( 004b61851 ) and Trojan ( 004b61851 ).

OOO PREM''ER-SERVIS anti-virus report

Did you also find a file digitally signed by OOO PREM”ER-SERVIS? Where did you find it and are the anti-virus programs detecting it? Please share in the comments below.

Thanks for reading.

1 thought on “OOO PREM”ER-SERVIS – 11% Anti-Virus Detection Rate – InstallCore

  1. I got this same download. I almost downloaded it as a routine download. But I had a phone call from a company trying to sell software to fix the “dozens” of viruses on Windows. (I was polite to him and said I didn’t want buy anything because I don’t have the money- he then said I attacked him.(Huh?)) Anyway, the conversation made me think that I should check the certification. I thought the certifier’ s name was weird, googled it and found your website. Is anyone info

Comments are closed.