» OVTray.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

OVTray.exe

Online Vault

Crawler, LLC

The application OVTray.exe, “Online Vault Tray” by Crawler has been detected as a potentially unwanted program by 4 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Online Vault’. This file is typically installed with the program Online Vault by Crawler, LLC.

File name:

OVTray.exe

Publisher:

Crawler.com (signed by Crawler, LLC)

Product:

Online Vault

Description:

Online Vault Tray

Version:

1.0.0.35

MD5:

b045910243725e0a44099d4c2d771160

SHA-1:

714e031d6abffb38abb5847143280d047836cddd

SHA-256:

91dd9afd6b8101f11bb417bd90e794261e7a20d3c550f49eadaab89a3d4f3d5c

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

5/20/2024 2:43:09 PM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Adware.Startup.Crawler.G

2013.8.3.16

Emsisoft Anti-Malware

Win32.Parite

8.14.08.08.02

Reason Heuristics

PUP.Startup.Crawler.G

14.8.8.2

XVirus List

Win.Detected

2.3.31

File size:

363.1 KB (371,808 bytes)

Product version:

1.0.0.35

Original file name:

OVTray.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\onlinevault\ovtray.exe

Digital Signature

Signed by:

Crawler, LLC

Authority:

VeriSign, Inc.

Valid from:

12/9/2010 4:00:00 PM

Valid to:

12/11/2013 3:59:59 PM

Subject:

CN="Crawler, LLC", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crawler, LLC", L=Boca Raton, S=Florida, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1535EDA3C8F2FED30D4497572760F240

File PE Metadata

Compilation timestamp:

1/7/2013 12:57:36 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:UWCl+hnoQ8vn+KhbhkjxMSrGQ388sAxJ/de3e4svylreeV:UmhnoQ8vbzkxrG488soJ/dbyJ3

Entry address:

0x3ACB0

Entry point:

55, 8B, EC, 83, C4, F0, B8, E4, 9B, 43, 00, E8, E8, BD, FC, FF, E8, 97, ED, FF, FF, E8, CE, 99, FC, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.9735

Code size:

231.5 KB (237,056 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Online Vault

Command:

"C:\Program Files\onlinevault\ovtray.exe"

The file OVTray.exe has been discovered within the following program.

Online Vault by Crawler, LLC

Publisher's description - “Online Vault is a small yet powerful application that automatically backs up all your important data to secure servers but also makes it possible for you to access it on the go! Keeping your data secure is our priority! We make sure it stays safe and available for you anytime, anywhere! Online Vault is quite small and requires very little space to work effectively.”

www.onlinevault.com

45% remove it

Remove OVTray.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.