home

atube-catcher.exe

Ultra Setup Manager

HUSREN S. A.

The application atube-catcher.exe by HUSREN S. A has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
TIK  (signed by HUSREN S. A.)

Product:
Ultra Setup Manager

Version:
3.4.30.746

MD5:
6dbb889eefe810cdef44a28ab63855c3

SHA-1:
6b320cb1144f0fbe9e6014c002e6f37f86713e5f

SHA-256:
a3be664ecb970db71d3cf3924f10788b2eaecf637daf7c94d1fa9ba622ec4a14

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 9:52:40 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.NU
5813571

avast!
Win32:PUP-gen [PUP]
160118-1

Dr.Web
Adware.Downware.11853
9.0.1.05190

Emsisoft Anti-Malware
Application.Bundler.NU
10.0.0.5366

ESET NOD32
MSIL/Adware.Colooader.E application
7.0.302.0

F-Secure
Riskware.Application.Bundler.NU
5.15.21

Kaspersky
not-a-virus:Downloader.MSIL.Agent
15.0.0.562

Norman
Application.Bundler.NU
11.01.2016 17:30:26

File size:
154.8 KB (158,552 bytes)

Product version:
3.4.30.746

Copyright:
Copyright © 2015

Trademarks:
TIK

Original file name:
i3KC.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\atube-catcher.exe

Digital Signature
Signed by:
HUSREN S. A.

Authority:
COMODO CA Limited

Valid from:
7/4/2014 2:00:00 AM

Valid to:
7/5/2015 1:59:59 AM

Subject:
CN=HUSREN S. A., O=HUSREN S. A., STREET=COLONIA 810 APTO: 502, L=MONTEVIDEO, S=MONTEVIDEO, PostalCode=11000, C=UY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
567CC889F234095C2B6877B8E8C3A484

File PE Metadata
Compilation timestamp:
5/14/2015 5:17:58 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:bflAWB6JkPKf5AzZxShWVHwob3krXAfcNvRI3hC4jwn0xsSeQUceV2cv:vB6Jxf5A9xS4Vtb35jc2eccv

Entry address:
0x21AE6

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
127 KB (130,048 bytes)

Remove atube-catcher.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.