» AVKTray.exe
Overview
Analysis
File Details
Behaviors (1)

AVKTray.exe

Ad-Aware TotalSecurity

Lavasoft AB

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘G Data AntiVirus Tray Application’.

File name:

AVKTray.exe

Publisher:

Lavasoft AB (signed and verified)

Product:

Ad-Aware TotalSecurity

Description:

Ad-Aware Total Security

Version:

21.0.10174.827

MD5:

d7fe14d5cd73f02f820f4075f4bbaf1e

SHA-1:

21b979d2febe66bb227c306006b325193053fa32

SHA-256:

f8d707c468b588dac045bf2f87715212cd7097cb03be72bfc206a2d49d58d81b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 5:26:13 AM UTC (today)

File size:

960.5 KB (983,552 bytes)

Product version:

21.0.0.0

Original file name:

AVKTray.exe

File type:

Executable application (Win32 EXE)

Language:

German (Germany)

Common path:

C:\Program Files\lavasoft\ad-aware total security\avktray\avktray.exe

Digital Signature

Signed by:

Lavasoft AB

Authority:

VeriSign, Inc.

Valid from:

10/13/2008 2:00:00 AM

Valid to:

10/14/2011 1:59:59 AM

Subject:

CN=Lavasoft AB, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lavasoft AB, L=Gothenburg, S=Vaestra Goetaland, C=SE

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1184A8AC41E85A9FC060FBB9FE17659B

File PE Metadata

Compilation timestamp:

6/23/2010 1:48:11 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:94FT+uLDa5H2Gvm2Kg8HIiBC2NP4HCa+DbpukHT7A+V3zcF1mKQ8lc:yqW6gtHp9HTc+V32Q82

Entry address:

0x64B12

Entry point:

E8, 4C, A7, 00, 00, E9, 79, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, C8, FD, 49, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, C8, FD, 49, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B... 
[+]

Code size:

517.5 KB (529,920 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

G Data AntiVirus Tray Application

Command:

C:\Program Files\lavasoft\ad-aware total security\avktray\avktray.exe

Scan AVKTray.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.