home

V3LTray.exe

V3Light Framework

AhnLab, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AhnLab Tray Process’.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
V3Light Framework

Description:
V3 365 Clinic Tray

Version:
2, 0, 1, 14

MD5:
65f6ed7a0356bccd4d0287c488be79d4

SHA-1:
384bc04ecaa1aa498f0038e33518bc1bf3839c70

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 5:24:02 AM UTC  (today)

File size:
474.1 KB (485,480 bytes)

Product version:
2, 0, 0, 1

Copyright:
Copyright (C), AhnLab, Inc. 1988-2008, All rights reserved.

Original file name:
V3LTray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\protector\v3 365 clinic\v3ltray.exe

Digital Signature
Signed by:
AhnLab, Inc.

Authority:
VeriSign, Inc.

Valid from:
10/6/2009 7:00:00 AM

Valid to:
10/7/2010 6:59:59 AM

Subject:
CN="AhnLab, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="AhnLab, Inc.", L="Yeongdeungpo-gu ", S=SEOUL, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6D1F15C8B89225B9BBFFE923241A6AC4

File PE Metadata
Compilation timestamp:
8/26/2010 7:52:02 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:KqHfY9i55lpOefRz2bLKk3+F9FTjVjN/u1qr1uqLKMVQmFYjmyl8OTa6hhDo:Kq/tbeKzYDgL/LxVQmFerPM

Entry address:
0x4AE17

Entry point:
E8, D8, 09, 00, 00, E9, D8, FC, FF, FF, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, 57, 0A, 00, 00, 6A, 14, 68, 98, 8C, 46, 00, E8, BD, 08, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 0B, 0A, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, B3, 08, 00, 00, C2, 10, 00, 6A, 0C, 68, B8, 8C, 46...
 
[+]

Code size:
319.5 KB (327,168 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AhnLab Tray Process

Command:
"C:\Program Files\protector\v3 365 clinic\v3ltray.exe" \logon


Scan V3LTray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.