Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File rdr.exe received on 2009.04.18 13:31:52 (UTC)
Current status: finished
Current status: finished
Result: 16/40 (40.00%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.0.0.101 | 2009.04.18 | Trojan-Spy.Win32.Zbot!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.04.17 | - |
| AntiVir | 7.9.0.143 | 2009.04.17 | TR/Crypt.ZPACK.Gen |
| Antiy-AVL | 2.0.3.1 | 2009.04.17 | - |
| Authentium | 5.1.2.4 | 2009.04.18 | - |
| Avast | 4.8.1335.0 | 2009.04.17 | - |
| AVG | 8.5.0.287 | 2009.04.18 | Pakes.AP |
| BitDefender | 7.2 | 2009.04.18 | Trojan.Spy.ZBot.RL |
| CAT-QuickHeal | 10.00 | 2009.04.18 | - |
| ClamAV | 0.94.1 | 2009.04.18 | - |
| Comodo | 1120 | 2009.04.18 | - |
| DrWeb | 4.44.0.09170 | 2009.04.18 | Trojan.Packed.142 |
| eSafe | 7.0.17.0 | 2009.04.13 | Suspicious File |
| eTrust-Vet | 31.6.6455 | 2009.04.14 | - |
| F-Prot | 4.4.4.56 | 2009.04.17 | - |
| F-Secure | 8.0.14470.0 | 2009.04.18 | Trojan-Spy.Win32.Zbot.gen |
| Fortinet | 3.117.0.0 | 2009.04.18 | W32/Zbot!tr |
| GData | 19 | 2009.04.18 | Trojan.Spy.ZBot.RL |
| Ikarus | T3.1.1.49.0 | 2009.04.18 | Trojan-Spy.Win32.Zbot |
| K7AntiVirus | 7.10.707 | 2009.04.17 | - |
| Kaspersky | 7.0.0.125 | 2009.04.18 | Trojan-Spy.Win32.Zbot.gen |
| McAfee | 5587 | 2009.04.17 | - |
| McAfee+Artemis | 5587 | 2009.04.17 | Generic!Artemis |
| McAfee-GW-Edition | 6.7.6 | 2009.04.18 | Trojan.Crypt.ZPACK.Gen |
| Microsoft | 1.4502 | 2009.04.18 | PWS:Win32/Zbot.J |
| NOD32 | 4018 | 2009.04.18 | - |
| Norman | 6.00.06 | 2009.04.17 | - |
| nProtect | 2009.1.8.0 | 2009.04.18 | - |
| Panda | 10.0.0.14 | 2009.04.18 | - |
| PCTools | 4.4.2.0 | 2009.04.17 | - |
| Prevx1 | V2 | 2009.04.18 | - |
| Rising | 21.25.52.00 | 2009.04.18 | - |
| Sophos | 4.40.0 | 2009.04.18 | Mal/EncPk-CZ |
| Sunbelt | 3.2.1858.2 | 2009.04.18 | Trojan-Spy.Win32.Zbot.gen |
| Symantec | 1.4.4.12 | 2009.04.18 | - |
| TheHacker | 6.3.4.0.309 | 2009.04.16 | - |
| TrendMicro | 8.700.0.1004 | 2009.04.17 | - |
| VBA32 | 3.12.10.2 | 2009.04.12 | - |
| ViRobot | 2009.4.18.1685 | 2009.04.18 | - |
| VirusBuster | 4.6.5.0 | 2009.04.17 | - |
| Additional information |
|---|
| File size: 59392 bytes |
| MD5...: e1b5344c895f54e4bad865594d2bdc58 |
| SHA1..: 50ebb0ab771e486005b2574062ff7b120fd86086 |
| SHA256: 81b9fb842cd2780752f4c85043be4b27c5fc96d0fd778ee83a29a0b060b706e1 |
| SHA512: 31a827ef15b7aa4a645873c4b1f2b04d4eccab747e2864a6192882137d3828fd cad091fb01be5d9607d541a5f65590544ee95b4f97401961b4cbedfe7dddabd9 |
| ssdeep: 1536:5voLdhg1ufGmfEyUxm7iBGdIvECHklGw31Ob:1whg1O98yri44klG0O |
| PEiD..: - |
| TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1b5e timedatestamp.....: 0x47879f64 (Fri Jan 11 16:55:00 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0xc1d4 0xc200 7.27 3a6e5519def0fa9b3a739b12a9ce9e2d .rdata 0xe000 0x1f2f 0x2000 7.53 dcbe8f862b36eed7acc8b42aeeaac0e4 .data 0x10000 0x610d 0x200 0.54 df74f8212a8ba75e11c94fb8815db027 ( 4 imports ) > ADVAPI32.dll: DuplicateTokenEx, CryptAcquireContextW, RegCloseKey, GetUserNameW, RegCreateKeyExA, CryptCreateHash, CryptGetHashParam, RegDeleteValueA, CryptHashData, RegQueryValueExA, RegSetValueExA > SHLWAPI.dll: PathRemoveFileSpecW, SHDeleteKeyA, wvnsprintfA, PathCombineW, wvnsprintfW, StrCmpNIA, StrCmpNIW, wnsprintfA, PathFindFileNameW, PathFileExistsW, PathMatchSpecW, StrStrW, wnsprintfW > USER32.dll: CloseWindowStation, CharLowerBuffA, SendMessageA, FindWindowExA, SetProcessWindowStation, GetDlgItemTextA, GetWindowThreadProcessId, EndDialog, GetWindowLongA, MsgWaitForMultipleObjects, DispatchMessageA, GetIconInfo, GetClipboardData, GetCursorPos, GetMessageA, OpenWindowStationA > KERNEL32.dll: GetModuleHandleA, VirtualProtect, VirtualAlloc, GlobalUnlock, GetLocalTime, GetFileSize, GlobalLock, FindResourceW, GetFileAttributesW, HeapAlloc, SetFileTime, FindFirstFileW, GetSystemTime, CreateMutexW, GetFileSizeEx, GetCommandLineA, GetLastError, lstrlenA, GetUserDefaultUILanguage, GetModuleFileNameA, HeapReAlloc, Sleep, UnmapViewOfFile ( 0 exports ) |
| RDS...: NSRL Reference Data Set - |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
