home

allfreedvdtomp4converter.exe

All Free DVD to MP4 Converter

TechEvolve GMBH

The application allfreedvdtomp4converter.exe, “All Free DVD to MP4 Converter Setup ” by TechEvolve GMBH has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
AllFreeVideoSoft Co., Ltd.   (signed by TechEvolve GMBH)

Product:
All Free DVD to MP4 Converter

Description:
All Free DVD to MP4 Converter Setup

MD5:
6062cd98053580135e6c7173357abf40

SHA-1:
12e5516b29b66155a97f4b02e69141c40ca92129

SHA-256:
d6a9b42ab8fd53f1f75b24f8087ee1d863999909b8ffa8ed8ee4e1f5bc6c1c2f

Scanner detections:
12 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 11:10:21 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Tsingsoft.5500952
7.11.212.40

avast!
NSIS:Relevant-G [PUP]
2014.9-160214

Bkav FE
W32.HfsAdware
1.3.0.6979

Comodo Security
UnclassifiedMalware
21186

Dr.Web
Trojan.InstallCore.280
9.0.1.045

ESET NOD32
Win32/Tsingsoft.A potentially unwanted
10.11219

Fortinet FortiGate
Riskware/Tsingsoft
2/14/2016

McAfee
Artemis!6B70617F45DC
5600.6489

Norman
InstallCore.CERT
11.20160214

Reason Heuristics
Win32.Generic
16.2.14.14

Trend Micro House Call
Suspicious_GEN.F47V0213
7.2.45

VIPRE Antivirus
InstallCore
42524

File size:
5 MB (5,261,360 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\allfreedvdtomp4converter.exe

Digital Signature
Signed by:
TechEvolve GMBH

Authority:
VeriSign, Inc.

Valid from:
12/15/2012 4:00:00 PM

Valid to:
12/16/2015 3:59:59 PM

Subject:
CN=TechEvolve GMBH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TechEvolve GMBH, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
50FF3D5C361AE9F52E4B0A3CF576C6EE

File PE Metadata
Compilation timestamp:
1/30/2013 6:21:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:F2Xt7vYaEtd2AufPPi/85CoutPGiWEGitsKVPmzUv6P1j9NzgyjoZB7Nb:wAFSFPPiqClkKvXezztj9NzC7V

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.9939

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

Remove allfreedvdtomp4converter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.