home

zillya.exe

Zillya Antivirus

ALLIT Service, LLC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Antivirus’.
Publisher:
ALLIT Service, LLC.  (signed and verified)

Product:
Zillya Antivirus

Version:
1,1,3250,0

MD5:
05652f93dd4a6a2566e6c02d2cda23b5

SHA-1:
86907e597f133d7348807e201736286a18642200

SHA-256:
28136afeee51e70b5f31e5535047303ddd654a9f15a2675d80c55dbaed2c2046

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 7:20:29 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Patched.Y.gen
4.6.5.141

File size:
3.1 MB (3,238,504 bytes)

Product version:
1,1,3250,0

Copyright:
(c) 2009 - 2011 ALLIT Service, LLC. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\zillya antivirus\zillya.exe

Digital Signature
Signed by:
ALLIT Service, LLC.

Authority:
COMODO CA Limited

Valid from:
3/27/2012 2:00:00 AM

Valid to:
3/28/2013 12:59:59 AM

Subject:
CN="ALLIT Service, LLC.", O="ALLIT Service, LLC.", STREET="Observatornaya st., 23, apt. 17", L=Kyiv, S=Kyivska, PostalCode=04053, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E9D861160C589429EB68D473EBC277B1

File PE Metadata
Compilation timestamp:
5/14/2012 1:35:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x219C6D

Entry point:
C3, C3, C3, C3, C3, C3, C3, C3, FF, FF, CC, FF, 25, A0, 5F, 66, 00, CC, CC, 57, 56, 55, 33, FF, 33, ED, 8B, 44, 24, 14, 0B, C0, 7D, 15, 47, 45, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 28, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, F0, 8B, C3, F7, 64, 24, 18, 8B, C8, 8B, C6, F7, 64, 24, 18, 03, D1, EB, 47, 8B...
 
[+]

Code size:
2.4 MB (2,506,752 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Antivirus

Command:
"C:\Program Files\zillya antivirus\zillya.exe" \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.