home

RVAgTray.EXE

RemoteView Agent Tray Application

Rsupport Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RemoteView5 Tray’.
Publisher:
Rsupport Co., Ltd.  (signed and verified)

Product:
RemoteView Agent Tray Application

Version:
5, 2, 16, 1

MD5:
d2fc8af1d511b757376becc01e24b991

SHA-1:
e622c25a35d47ae47fdd7208b417eac38a9e88f7

SHA-256:
6fe99bda26943a4f58f39690731657d72cceee6667859c292ffeedd05ed5a7ff

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:08:14 AM UTC  (today)

File size:
889.9 KB (911,224 bytes)

Product version:
5, 2, 16, 1

Copyright:
Copyright (C) 2008 ~ 2013 RSUPPORT CO., LTD. All rights reserved.

Original file name:
RVAgTray.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\rsupport\remoteview 5.0\agent\rvagtray.exe

Digital Signature
Signed by:
Rsupport Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
5/3/2010 9:00:00 AM

Valid to:
8/2/2013 8:59:59 AM

Subject:
CN="Rsupport Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Rsupport Co., Ltd.", L=Songpa-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6779E3DEFE24F0FC6EA3861596E10F64

File PE Metadata
Compilation timestamp:
4/10/2013 1:44:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x27CF4

Entry point:
55, 8B, EC, 6A, FF, 68, 60, 63, 49, 00, 68, 64, 7A, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 38, 48, 49, 00, 59, 83, 0D, 48, F2, 4A, 00, FF, 83, 0D, 4C, F2, 4A, 00, FF, FF, 15, 3C, 48, 49, 00, 8B, 0D, 34, F2, 4A, 00, 89, 08, FF, 15, 40, 48, 49, 00, 8B, 0D, 30, F2, 4A, 00, 89, 08, A1, 44, 48, 49, 00, 8B, 00, A3, 44, F2, 4A, 00, E8, 3A, 01, 00, 00, 39, 1D, D8, 85, 4A, 00, 75, 0C, 68, 9A, 7E, 42, 00, FF, 15, 48, 48...
 
[+]

Entropy:
5.8680

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
588 KB (602,112 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RemoteView5 Tray

Command:
"C:\Program Files\rsupport\remoteview 5.0\agent\rvagtray.exe" \background


Scan RVAgTray.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.