avsvc64.exe

ITVA OOO

The application avsvc64.exe by ITVA OOO has been detected as a potentially unwanted program by 4 anti-malware scanners. It runs as a separate Windows service (within the context of its own process) named “AVitva AntiVirus Service”.
Publisher:
ITVA OOO  (signed and verified)

Version:
1.0.1.1

MD5:
c84af2393515c6e6f12e3f1eb9f5c47f

SHA-1:
39ba63a0470c63623c896ae3622484e4dfa717d0

SHA-256:
6ce4cd0d62e8014b7e45d998f70baace251eebdf5c1643b94a048e4171634c5b

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/26/2024 1:20:57 PM UTC

Scan engine | Detection | Engine version
Bkav FE | W64.HfsAdware | 1.3.0.6379
Dr.Web | Adware.Downware.11301 | 9.0.1.0184
Reason Heuristics | PUP.ITVAOOO (M) | 15.7.3.12
Trend Micro House Call | Suspicious_GEN.F47V0522 | 7.2.184

File size:
1.2 MB (1,273,000 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\avitva\avsvc64.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/17/2015 2:00:00 AM

Valid to:
4/17/2016 1:59:59 AM

Subject:
CN=ITVA OOO, O=ITVA OOO, STREET=18 Koryakova ul, L=Saint-Petersburg, S=RU, PostalCode=194356, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7F3EBBC3A0970348263AADDFFB39E887

File PE Metadata
Compilation timestamp:
2/27/2015 12:16:48 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:fK/JFHj8w6pKW4czS6O7safXckiEWqguTW3Nz+bipx4of:fy0pFcV7WqgSWN+8ff

Entry address:
0x10D770

Entry point:
55, 48, 83, EC, 70, 48, 8B, EC, 48, C7, 45, 30, 00, 00, 00, 00, 48, C7, 45, 40, 00, 00, 00, 00, 48, C7, 45, 38, 00, 00, 00, 00, 48, C7, 45, 48, 00, 00, 00, 00, 48, C7, 45, 58, 00, 00, 00, 00, 48, C7, 45, 50, 00, 00, 00, 00, 48, C7, 45, 68, 00, 00, 00, 00, 48, C7, 45, 60, 00, 00, 00, 00, 48, 8B, 05, E1, 65, 01, 00, C6, 00, 01, 90, 48, 8D, 0D, 4E, A4, FF, FF, E8, 01, 3E, F0, FF, 90, 48, 8D, 4D, 60, C7, C2, 01, 00, 00, 00, E8, E1, 94, EF, FF, 48, 8D, 4D, 68, 48, 8B, 55, 60, E8, 54, 65, F1, FF, 48, 8D, 0D, A9...
Code size:
1 MB (1,100,288 bytes)

Service
Display name:
AVitva AntiVirus Service

Service name:
AVITVASvc

Type:
Win32OwnProcess
