home

uiWinMgr.exe

Trend Micro Titanium

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Trend Micro Titanium’.
Publisher:
Trend Micro Inc.  (signed by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION)

Product:
Trend Micro Titanium

Description:
Security Client

Version:
6.11.0.3017

MD5:
434ee6527c7596a78befa547d7a5c8b5

SHA-1:
d2cdce6fb3c694ae9a243b476d1f2620b1177ee7

SHA-256:
ab2ab031b118ce9618ac4dc8b7e2708dc9ba1e30e602dc443899ec605fcb8ec3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 12:15:01 AM UTC  (today)

File size:
1.1 MB (1,127,264 bytes)

Product version:
6.11

Copyright:
Copyright (C) 2013 Trend Micro Incorporated. All rights reserved.

Trademarks:
Copyright (C) Trend Micro Inc.

Original file name:
uiWinMgr.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ntte\virus clear\virus clear8\uiframework\uiwinmgr.exe

Digital Signature
Signed by:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Authority:
VeriSign, Inc.

Valid from:
11/9/2012 9:00:00 AM

Valid to:
11/28/2013 8:59:59 AM

Subject:
CN=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, OU=Consumer Business Headquarters Broadband Service Department - 1, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, L=Shinjuku-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E01045A5CBD1DEE55AB967ECBB1839E

File PE Metadata
Compilation timestamp:
9/16/2013 11:12:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:kx4ClRW7EMTmg4Jf85lGfmhuIYNoYf+4q5k+uc+uK+uTk4oDMYs:A4Id04JZfIaoYfPq50+/w

Entry address:
0xA043F

Entry point:
E8, 99, 06, 00, 00, E9, 3A, FD, FF, FF, 3B, 0D, 54, 28, 4E, 00, 75, 02, F3, C3, E9, 19, 07, 00, 00, FF, 25, 34, 27, 4B, 00, FF, 25, 44, 27, 4B, 00, 6A, 14, 68, 40, B8, 4C, 00, E8, E8, 05, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, C6, 07, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, DE, 05, 00, 00...
 
[+]

Entropy:
6.3684

Code size:
708 KB (724,992 bytes)

2 Startup Files (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Trend Micro Titanium

Command:
"C:\Program Files\ntte\virus clear\virus clear8\uiframework\uiwinmgr.exe" -set silent "1" splashurl ""

Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Security Client

Command:
"C:\Program Files\ntte\virus clear\virus clear8\uiframework\uiwinmgr.exe" -set silent "1" splashurl ""


Scan uiWinMgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.