bkav2006.exe

BkavHome

BKAV

The executable bkav2006.exe has been detected as malware by 3 anti-virus scanners. It is set to execute automatically when any user logs into Windows, through a Run registry entry named ‘BkavFw’.
Publisher:
BKAV

Product:
BkavHome

Version:
9, 0, 0, 1

MD5:
dff032010f45857c272bec28badf371d

SHA-1:
953f8b8b8f28aa7470101fe7fbd65e786b21a9b3

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/24/2024 10:55:03 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | PCK/Telock | 7.11.35.46
AVG | PSW.OnlineGames4 | 2015.0.3501
Dr.Web | Trojan.PWS.Gamania.origin | 9.0.1.0108

File size:
22.8 MB (23,956,480 bytes)

Product version:
9, 0, 0, 1

Copyright:
© 2006 Nguyen Tu Quang

Original file name:
BkavHome.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bkav2006\bkav2006.exe

File PE Metadata
Compilation timestamp:
3/10/2010 12:11:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
393216:uUxMW7hvI1nOndJUOirtguL7NEtTo4LHwU7xVrd352CTkVr01IAgs5I:urW7BI1nYdJR8tguLOtU+vFbQgFgsm

Entry address:
0x78FD000

Entry point:
90, 60, E8, 02, 00, 00, 00, E8, 00, E8, 00, 00, 00, 00, 5E, 2B, C9, 58, 74, 02, CD, 20, B9, FF, 10, 00, 00, 8B, C1, F8, 73, 02, CD, 20, 83, C6, 32, 8D, 44, 81, 67, E8, 02, 00, 00, 00, E8, 80, 30, 06, 46, 5A, EB, 01, E9, D4, 09, E2, EA, 67, E3, 02, CD, 20, 8A, 6B, 92, 6B, 82, B2, F7, 55, A5, 4C, C0, 45, D5, 7E, CE, 29, AB, EB, 5A, DE, 43, F5, 2D, 5A, 0A, 3C, D4, C1, E6, 91, 6F, C0, 71, 80, 74, E1, 7B, 4E, F8, ED, 1C, 57, FC, 79, 17, C1, 6E, 96, 75, E1, 9B, CF, F5, 28, C7, 13, EC, F6, 8A, FE, F8, 8C, 32, A3...

Entropy:
7.9333

Packer / compiler:
tElock v0.90

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BkavFw

Command:
C:\Program Files\bkav2006\bkav2006.exe taskbar

