» KAVREMVR.EXE
Overview
Analysis
File Details
Downloads (6)

KAVREMVR.EXE

Kaspersky Removal Tool

Kaspersky Lab

File name:

KAVREMVR.EXE

Publisher:

Kaspersky Lab ZAO (signed by Kaspersky Lab)

Product:

Kaspersky Removal Tool

Description:

KAV Removal Tool

Version:

1.0.(930).0

MD5:

917b8b33a0f602ab1c2a957d9e85aa04

SHA-1:

96421331b163c8408ee1ad643d51f45698427461

SHA-256:

0eeccd06eae189f568a8d533174d3d7e14b8528c3ce7f5a2cd4ddce09fc2b39c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 11:04:28 PM UTC (a few moments ago)

File size:

9.3 MB (9,786,160 bytes)

Product version:

1.0.930.0

Trademarks:

Registered trademarks and service marks are the property of their respective owners

Original file name:

KAVREMVR.EXE

Language:

English (United States)

Common path:

C:\windows\temp\avast_ash2\kaspersky internet security\{980795d2-be1a-4430-8c71-45a4bb868eac}.tmp

Digital Signature

Signed by:

Kaspersky Lab

Authority:

DigiCert Inc

Valid from:

5/27/2015 5:00:00 PM

Valid to:

12/30/2015 4:00:00 AM

Subject:

CN=Kaspersky Lab, O=Kaspersky Lab, L=Moscow, S=Moscow City, C=RU

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0916825462BEA15594450E897E8D3AE6

File PE Metadata

Compilation timestamp:

11/23/2015 9:07:28 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:6e9gU0xC4Q2A8MCnqTrhFOggiOlf+fK4eGxdVJ3mEgR:t9gUfh2LIhFOggiOlf+fEc/J3NE

Entry address:

0x148F9C

Entry point:

E8, 77, AF, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, 40, B7, 5F, 00, 75, 02, F3, C3, E9, FE, AF, 00, 00, 8B, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, EC, 07, 00, 00, 83, C4, 14, 5D, C3, 8B, FF, 55, 8B, EC, 8D, 45, 18, 50, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 61, 08, 00, 00, 83, C4, 18, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 55, 08, 53, 8B, 5D, 14, 56, 57, 85, DB, 75, 10, 85, D2, 75, 10, 39, 55, 0C, 75, 12, 33, C0, 5F, 5E, 5B, 5D, C3, 85, D2, 74, 07, 8B, 7D... 
[+]

Entropy:

6.7441

Code size:

1.6 MB (1,658,880 bytes)

The file KAVREMVR.EXE has been seen being distributed by the following 6 URLs.

https://userscloud.com/e0fldyfb7nr8

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://uninst.ru/go3.php?url=http://media.kaspersky.com/utilities/.../kavremover.exe

http://media.kaspersky.com/utilities/.../kavremvr.exe

http://support.kaspersky.com/downloads/.../kavremover.exe

http://media.kaspersky.com/utilities/.../kavremover.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.