» uvk_en.exe
Overview
Analysis
File Details
Programs (3)
Network (1)

uvk_en.exe

Ultra Virus Killer

Alfredo Anibal santos silva

The application uvk_en.exe by Alfredo Anibal santos silva has been detected as a potentially unwanted program by 8 anti-malware scanners. Additionally, the file is typically installed by a number of programs including UVK - Ultra Virus Killer by Carifred and Greenlight Computer Clinic Repair Tool by Greenlight Computer Clinic. While running, it connects to the Internet address biz141.inmotionhosting.com on port 80 using the HTTP protocol.

File name:

uvk_en.exe

Publisher:

Carifred (signed by Alfredo Anibal santos silva)

Product:

Ultra Virus Killer

Version:

7.3.7.0

MD5:

b9800627cc49b2d4339bc07062f460a8

SHA-1:

9ec213cb66fbbfe6f54f798852ed7ca0b7117b53

SHA-256:

2e3d27344d4100dcbefd9bc841ab0094abc85609986264cb1088526efcb25d66

Scanner detections:

8 / 68

Status:

Potentially unwanted

Analysis date:

11/23/2024 7:22:18 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Detection.Undefined

9.7.0.302.0

McAfee

Artemis!437B8FAAAABC

5600.6682

NANO AntiVirus

Trojan.Win32.Autoit.dbiolu

0.28.0.60475

Reason Heuristics

PUP.AlfredoAnibalsantossilva (M)

15.8.6.7

Rising Antivirus

AU3SCRIPT:Trojan.Script.VBS.StartPage.rf!1596587

23.00.65.15804

Total Defense

Win32/Tnega.AVVX

37.0.11218

Trend Micro House Call

Suspicious_GEN.F47V0621

7.2.218

Zillya! Antivirus

Trojan.Cossta.Win32.8444

2.0.0.1838

File size:

1.6 MB (1,681,408 bytes)

Product version:

7.3.0.0

Trademarks:

Carifred.com

Original file name:

UVK.exe

File type:

Executable application (Win64 EXE)

Language:

English (United Kingdom)

Common path:

C:\Program Files\uvk - ultra virus killer\uvk_en.exe

Digital Signature

Signed by:

Alfredo Anibal santos silva

Authority:

COMODO CA Limited

Valid from:

3/9/2014 12:00:00 AM

Valid to:

3/9/2019 11:59:59 PM

Subject:

CN=Alfredo Anibal santos silva, O=Alfredo Anibal santos silva, STREET=Résidence les angéliques, STREET=Rue du grand large, L=Port vendres, S=Languedoc - Roussillon, PostalCode=66660, C=FR

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E4E0EEAC938C9428AF79577D5C6F9663

File PE Metadata

Compilation timestamp:

8/5/2015 10:25:00 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:EgTiSxZga5GBoZtVeIa/xVIjwts+z2o757nI:fHmoZtaCjwuo75c

Entry address:

0x2F7DC

Entry point:

48, 83, EC, 28, E8, BF, B3, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 8B, 05, EA, 9B, 0A, 00, 44, 8B, C2, 23, CA, 41, F7, D0, 44, 23, C0, 44, 0B, C1, 44, 89, 05, D5, 9B, 0A, 00, C3, 48, 83, EC, 28, E8, 87, 28, 00, 00, 48, 85, C0, 74, 0A, B9, 16, 00, 00, 00, E8, A8, 28, 00, 00, F6, 05, B5, 9B, 0A, 00, 02, 74, 29, B9, 17, 00, 00, 00, E8, 25, 1D, 01, 00, 85, C0, 74, 07, B9, 07, 00, 00, 00, CD, 29, 41, B8, 01, 00, 00, 00, BA, 15, 00, 00, 40, 41, 8D, 48, 02, E8, 52, 09, 00, 00, B9, 03, 00, 00, 00, E8... 
[+]

Entropy:

7.3276

Code size:

672 KB (688,128 bytes)

The file uvk_en.exe has been discovered within the following programs.

Greenlight Computer Clinic Repair Tool by Greenlight Computer Clinic

www.carifred.com/uvk

About 6% of users remove it

Mastertech Computers Corp Repair Tool by Mastertech Computers Corp

About 7% of users remove it

UVK - Ultra Virus Killer by Carifred

About 9% of users remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to biz141.inmotionhosting.com (216.194.169.105:80)

Remove uvk_en.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.