home

uiWinMgr.exe

Trend Micro Titanium

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Trend Micro Titanium’.
Publisher:
Trend Micro Inc.  (signed by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION)

Product:
Trend Micro Titanium

Description:
Security Client

Version:
6.21.0.1067

MD5:
2026c20840b27aee2c5ac4e8c43f33f3

SHA-1:
c6b71c38e147da2a068fc2b186c1ac939e0028fe

SHA-256:
7eae1da2614ae1f7bd26c95170737206341ecbf40ed4e29cf05b4c61a60441a3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:04:07 PM UTC  (today)

File size:
1.1 MB (1,127,264 bytes)

Product version:
6.21

Copyright:
Copyright (C) 2013 Trend Micro Incorporated. All rights reserved.

Trademarks:
Copyright (C) Trend Micro Inc.

Original file name:
uiWinMgr.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ntte\virus clear\virus clear9\uiframework\uiwinmgr.exe

Digital Signature
Signed by:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Authority:
VeriSign, Inc.

Valid from:
11/9/2012 9:00:00 AM

Valid to:
11/28/2013 8:59:59 AM

Subject:
CN=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, OU=Consumer Business Headquarters Broadband Service Department - 1, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, L=Shinjuku-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E01045A5CBD1DEE55AB967ECBB1839E

File PE Metadata
Compilation timestamp:
10/1/2013 9:28:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:DWRbaavAbhVTV05BM4YIUOmJuAj7aIqWe4q5p+u4+uK+uvk4oDMv8:yR/CC5BpnAnaIqWvqq4+bZ

Entry address:
0xA043F

Entry point:
E8, 99, 06, 00, 00, E9, 3A, FD, FF, FF, 3B, 0D, 54, 28, 4E, 00, 75, 02, F3, C3, E9, 19, 07, 00, 00, FF, 25, 34, 27, 4B, 00, FF, 25, 44, 27, 4B, 00, 6A, 14, 68, 50, B8, 4C, 00, E8, E8, 05, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, C6, 07, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, DE, 05, 00, 00...
 
[+]

Entropy:
6.3681

Code size:
708 KB (724,992 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Trend Micro Titanium

Command:
"C:\Program Files\ntte\virus clear\virus clear9\uiframework\uiwinmgr.exe" -set silent "1" splashurl ""


Scan uiWinMgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.