home

RVAgTray.EXE

RemoteView Agent Tray Application

Rsupport Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RemoteView Tray’.
Publisher:
Rsupport Co., Ltd.  (signed and verified)

Product:
RemoteView Agent Tray Application

Version:
4, 0, 1, 14

MD5:
4a020282adb90ca9b5cf1439358b3ba9

SHA-1:
efcd05949951e9c862cb540fbb804bc15711ada2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 12:52:57 PM UTC  (today)

File size:
285.3 KB (292,120 bytes)

Product version:
4, 0, 1, 14

Copyright:
Copyright (C) 2005 ~ 2009 RSUPPORT CO., LTD. All rights reserved.

Original file name:
RVAgTray.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\rsupport\remoteview agent 4.0\rvagtray.exe

Digital Signature
Signed by:
Rsupport Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
4/27/2009 9:00:00 AM

Valid to:
6/22/2010 8:59:59 AM

Subject:
CN="Rsupport Co., Ltd.", OU=Marketing Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Rsupport Co., Ltd.", L=Songpa-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
433778F0BBB3EE6084FF8F57C7AA747C

File PE Metadata
Compilation timestamp:
5/19/2009 5:20:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x11C08

Entry point:
55, 8B, EC, 6A, FF, 68, F0, 5B, 41, 00, 68, D0, 1A, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 4C, 45, 41, 00, 59, 83, 0D, 30, B6, 41, 00, FF, 83, 0D, 34, B6, 41, 00, FF, FF, 15, 50, 45, 41, 00, 8B, 0D, 24, B6, 41, 00, 89, 08, FF, 15, 54, 45, 41, 00, 8B, 0D, 20, B6, 41, 00, 89, 08, A1, 58, 45, 41, 00, 8B, 00, A3, 2C, B6, 41, 00, E8, 1C, 01, 00, 00, 39, 1D, 10, B5, 41, 00, 75, 0C, 68, 90, 1D, 41, 00, FF, 15, 5C, 45...
 
[+]

Entropy:
3.3545

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
76 KB (77,824 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RemoteView Tray

Command:
"C:\Program Files\rsupport\remoteview agent 4.0\rvagtray.exe" \background


Scan RVAgTray.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.