VirusTotal - Free Online Virus, Malware and URL Scanner

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.

File name:

adobeupdater.exe

Submission date:

2009-11-03 01:19:16 (UTC)

Current status:

finished

Result:

9 /40 (22.5%)

VT Community

not reviewed
Safety score: -

Compact

Print results

Antivirus	Version	Last Update	Result
a-squared	4.5.0.41	2009.11.02	-
AhnLab-V3	5.0.0.2	2009.11.02	-
AntiVir	7.9.1.53	2009.11.02	TR/Spy.ZBot.acus
Antiy-AVL	2.0.3.7	2009.11.02	-
Authentium	5.1.2.4	2009.11.03	-
Avast	4.8.1351.0	2009.11.02	-
AVG	8.5.0.423	2009.11.02	PSW.Generic7.APGA
BitDefender	7.2	2009.11.02	-
CAT-QuickHeal	10.00	2009.11.02	-
ClamAV	0.94.1	2009.11.02	-
Comodo	2820	2009.11.03	TrojWare.Win32.TrojanSpy.Zbot.Gen
DrWeb	5.0.0.12182	2009.11.02	Trojan.PWS.Panda.122
eSafe	7.0.17.0	2009.11.02	-
eTrust-Vet	35.1.7098	2009.11.02	-
F-Prot	4.5.1.85	2009.11.02	-
F-Secure	9.0.15370.0	2009.10.30	-
Fortinet	3.120.0.0	2009.11.02	-
GData	19	2009.11.02	-
Ikarus	T3.1.1.72.0	2009.11.02	-
Jiangmin	11.0.800	2009.11.02	-
K7AntiVirus	7.10.886	2009.11.02	-
Kaspersky	7.0.0.125	2009.11.03	Trojan-Spy.Win32.Zbot.acus
McAfee	5790	2009.11.02	-
McAfee+Artemis	5790	2009.11.02	Artemis!FF84FC7E38A5
McAfee-GW-Edition	6.8.5	2009.11.02	Trojan.Spy.ZBot.acus
Microsoft	1.5202	2009.11.02	-
NOD32	4566	2009.11.02	Win32/Spy.Zbot.UN
Norman	6.03.02	2009.11.02	-
nProtect	2009.1.8.0	2009.11.02	-
Panda	10.0.2.2	2009.11.02	-
PCTools	7.0.3.5	2009.11.02	-
Rising	21.54.04.00	2009.11.02	-
Sophos	4.47.0	2009.11.02	-
Sunbelt	3.2.1858.2	2009.11.02	-
Symantec	1.4.4.12	2009.11.03	Trojan Horse
TheHacker	6.5.0.2.058	2009.10.31	-
TrendMicro	8.950.0.1094	2009.11.02	-
VBA32	3.12.10.11	2009.11.02	-
ViRobot	2009.11.2.2017	2009.11.02	-
VirusBuster	4.6.5.0	2009.11.02	-

Additional information
MD5 : ff84fc7e38a56f0ab67ce13e09c155ab
SHA1 : 06622e5791f3e6a39f5a6a66f98686e616b0f914
SHA256: 063a5d6c73893809a6a9d65af1611f45506bf117b1ae3cffc49405f765d88d2c
ssdeep: 3072:sBaJu/H2ZDBVQWj00aJ96OSu3DDiO40P/7xMi1o:dJ9DwOv4v5nLyi1
File size : 115200 bytes
First seen: 2009-10-26 18:17:38
Last seen : 2010-01-26 10:43:31
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID: Win32 Executable Generic (42.3%)[lb]Win32 Dynamic Link Library (generic) (37.6%)[lb]Generic Win/DOS Executable (9.9%)[lb]DOS Executable Generic (9.9%)[lb]Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEiD: -
PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x6FB8 timedatestamp....: 0x47D55C41 (Mon Mar 10 16:05:21 2008) machinetype......: 0x14C (Intel I386) [[ 4 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x6C4C, 0x6E00, 7.18, 0fef07be3a510f3d30e589c21af98cb9 .rdata, 0x8000, 0xCF74, 0xD000, 7.25, 46045fee74760d3fb32c57a94393bfd7 .data, 0x15000, 0xABC6, 0x7C00, 7.22, 2c93afc9473e16b10d387eb6bebf7533 .rsrc, 0x20000, 0x3B0, 0x400, 3.16, e7f20ecff4857cc9beaefe54866e7367 [[ 4 import(s) ]] kernel32.dll: HeapCreate, HeapDestroy, LocalAlloc, LocalFree, GlobalFree, GlobalAlloc, LoadLibraryExA, Sleep, lstrcmpiA, SetHandleCount, SetErrorMode, GetVersionExA, WideCharToMultiByte, LeaveCriticalSection, ExitThread, IsBadWritePtr, GetLocalTime, LCMapStringA, FindNextFileW, GetProcAddress, LoadLibraryExW msvcrt.dll: _acmdln, __mb_cur_max, _except_handler3, strchr, __p__commode, _adjust_fdiv, toupper, _iob, malloc, realloc, _stricmp, _strnicmp, __2@YAPAXI@Z, __initenv, _initterm, fopen, exit ntdll.dll: RtlInsertElementGenericTable, RtlRaiseStatus, NtOpenKey, RtlSetDaclSecurityDescriptor, NtCreateEvent, NtWaitForSingleObject, RtlUpcaseUnicodeString, wcschr, NtOpenFile, RtlMultiByteToUnicodeN, RtlDecompressBuffer, RtlSubAuthoritySid, NtReadFile, DbgBreakPoint, RtlNumberOfSetBits, NtQueryValueKey, wcslen, NtFsControlFile, RtlInitializeBitMap, RtlFindMessage, NtDelayExecution, _alldiv, RtlSystemTimeToLocalTime ulib.dll: _Get_Standard_Output_Stream@@YGPAVSTREAM@@XZ, __1STREAM_MESSAGE@@UAE@XZ, __0ARRAY@@QAE@XZ, _QueryDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@E@Z, _Get_Standard_Input_Stream@@YGPAVSTREAM@@XZ, __0STRING_ARGUMENT@@QAE@XZ, __0CLASS_DESCRIPTOR@@QAE@XZ, _Initialize@PATH@@QAEEPBV1@E@Z, _Initialize@WSTRING@@QAEEPBV1@KK@Z, _Initialize@FLAG_ARGUMENT@@QAEEPAD@Z, _Usage@PROGRAM@@UBEXXZ, __1PROGRAM@@UAE@XZ, _DisplayMessage@PROGRAM@@UBAEKW4MESSAGE_TYPE@@PADZZ, _Fatal@PROGRAM@@UBEXXZ, __1ARRAY@@UAE@XZ, _Display@MESSAGE@@QAAEPBDZZ, _SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z, _DisplayMessage@PROGRAM@@UBEEKW4MESSAGE_TYPE@@@Z
Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=93A7C274008F8610C24F0151FB6E9600121D9108
ThreatExpert: http://www.threatexpert.com/report.aspx?md5=ff84fc7e38a56f0ab67ce13e09c155ab

VT Community

This file has never been reviewed by any VT Community member. Be the first one to comment on it!

VirusTotal Team

Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?

Goodware

Malware

Spam attachment/link

P2P download

Propagating via IM

Network worm

Drive-by-download

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

email
password
	Keep me logged in
	Signing in, please wait...
	Login failed, please try again

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...