home

dicterupdater.exe

Product Installer

ITVA OOO

The application dicterupdater.exe, “!TVA Software Installer” by ITVA OOO has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory.
Publisher:
!TVA LLC  (signed by ITVA OOO)

Product:
Product Installer

Description:
!TVA Software Installer

Version:
1.2.0.3

MD5:
d23c8921aa1a7161a33b72bdd48efabc

SHA-1:
dd87c973b5757c436b651fe1a026b2c173aaa634

SHA-256:
42f2854f212a83b6ae104670db225d588ed913c73350afd0974621cf1f944027

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 9:43:16 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVirus
TR/Avti.175568
8.3.1.6

Baidu Antivirus
PUA.Win32.Itva
4.0.3.15527

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Downware.11301
9.0.1.0147

ESET NOD32
Win32/Itva.D potentially unwanted
9.11671

Fortinet FortiGate
Riskware/Itva
5/27/2015

IKARUS anti.virus
PUA.Itva
t3scan.1.8.9.0

K7 AntiVirus
Adware
13.204.16003

McAfee
Artemis!D23C8921AA1A
5600.6753

NANO AntiVirus
Riskware.Win32.Downware.drxyai
0.30.24.1636

Trend Micro House Call
Suspicious_GEN.F47V0519
7.2.147

File size:
171.4 KB (175,552 bytes)

Product version:
1.2.0.3

Copyright:
Copyright © 2004-2015 !TVA LLC.

Trademarks:
!TVA, InstallTraffic.

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\dicterupdater.exe

Digital Signature
Signed by:
ITVA OOO

Authority:
COMODO CA Limited

Valid from:
4/27/2015 3:00:00 AM

Valid to:
4/27/2016 2:59:59 AM

Subject:
CN=ITVA OOO, OU=Software Distribution, O=ITVA OOO, STREET=Koryakova ul. 18, L=Saint-Petersburg, S=RU, PostalCode=194356, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081BEC7171AF62F3BA4384B4965B7282C

File PE Metadata
Compilation timestamp:
4/28/2015 9:19:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:PCAbwxZ4XIr7D8ZjSjfoutkRCxWhHt0ChZe4SD:VwxZ9r8dSLoSkR9HzbS

Entry address:
0x5DAE0

Entry point:
60, BE, 00, 40, 44, 00, 8D, BE, 00, D0, FB, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 06, B4, 05, 00, 57, 83, C3, 04, 53, 68, D2, 9A, 01, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
108 KB (110,592 bytes)

Remove dicterupdater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.