home

AnVir.exe

AnVir Startup Manager

Ilya Kheifets

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘AnVir Startup Manager’.
Publisher:
AnVir Software  (signed by Ilya Kheifets)

Product:
AnVir Startup Manager

Version:
6.3.1.0

MD5:
92ab9f16305393d2f613d43482bf8b56

SHA-1:
135b12747a9d3dadc4fc0887844b7a6f4223c996

SHA-256:
aff36a0ec3f60ce96e763691f7c03bfea29d4beee4a2d045b1cebfcaa2ac155d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:16:24 AM UTC  (today)

File size:
3.1 MB (3,201,816 bytes)

Product version:
6.3.1.0

Copyright:
Copyright (c) 2000-2010. AnVir Software

Trademarks:
AnVir Startup Manager

Original file name:
AnVir.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\anvir startup manager\anvir.exe

Digital Signature
Signed by:
Ilya Kheifets

Authority:
The USERTRUST Network

Valid from:
9/11/2008 6:00:00 AM

Valid to:
9/12/2011 5:59:59 AM

Subject:
CN=Ilya Kheifets, O=Ilya Kheifets, STREET="Altayskaya, 29", L=Moscow, S=-, PostalCode=107589, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00C2E4DD6035D0C7DCAE689D0526EFF2C7

File PE Metadata
Compilation timestamp:
5/6/2010 9:40:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1000

Entry point:
68, 01, 50, 95, 00, E8, 01, 00, 00, 00, C3, C3, 6D, 8C, FB, B4, A1, C7, 24, CD, F1, 4D, D2, DF, 8D, 3B, B9, 89, DC, FD, 8A, A2, 04, D8, DA, 5F, CB, F0, 7D, 01, 92, DA, 53, AE, FB, BB, C9, 02, 07, CF, 25, 20, 95, E0, 7B, CB, 66, 90, 27, BE, F0, 7C, FD, 47, 20, F3, 7B, C8, 0B, FA, 4E, 84, 07, 97, 96, 8F, 8B, C5, DC, BA, A5, FC, 8B, 2A, 66, 2D, 7F, A8, 95, 8E, D7, F4, F0, 6E, F1, 69, 78, A1, 37, 24, 58, F1, 36, C7, 74, D9, 0A, 00, 19, 02, 66, 18, 48, 09, 98, 7C, F9, BA, 53, 86, 57, B0, B1, 03, B5, 02, 34, 8E...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
592 KB (606,208 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AnVir Startup Manager

Command:
"C:\Program Files\anvir startup manager\anvir.exe" minimized


Scan AnVir.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.