fvqkdrvd.exe_

EmiSoft

The file fvqkdrvd.exe_ has been detected as a potentially unwanted program by 22 anti-malware scanners.
Publisher:
EmiSoft

Version:
1.1.0

MD5:
bf6e3189a8366f78a9e8a6f74c9d1ca7

SHA-1:
a8d49209c5e01a58754076595aa3f118664caf94

SHA-256:
7391033f3870c1f4f7d9d968a8fd58b8ff3c5db2cdc21d12bbd6aa55c137b8b0

Scanner detections:
22 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:09:21 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.515948 | 737 |
| Avira AntiVirus | TR/Crypt.ZPACK.114575 | 7.11.197.26 |
| avast! | Win32:Malware-gen | 2014.9-150128 |
| AVG | Generic6 | 2016.0.3215 |
| Bitdefender | Gen:Variant.Kazy.515948 | 1.0.20.140 |
| Bkav FE | HW32.Packed | 1.3.0.6267 |
| Comodo Security | UnclassifiedMalware | 20434 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.515948 | 8.15.01.28.01 |
| ESET NOD32 | Win32/Adware.XPAntiSpyware.AH | 9.10911 |
| Fortinet FortiGate | W32/XPAntiSpyware.AH!tr | 1/28/2015 |
| F-Secure | Gen:Variant.Kazy.515948 | 11.2015-28-01_4 |
| G Data | Gen:Variant.Kazy.515948 | 15.1.24 |
| K7 AntiVirus | Adware | 13.188.14395 |
| McAfee | RDN/Generic FakeAlert!fe | 5600.6871 |
| Microsoft Security Essentials | Rogue:Win32/FakeRean | 1.11302 |
| MicroWorld eScan | Gen:Variant.Kazy.515948 | 16.0.0.84 |
| NANO AntiVirus | Trojan.Win32.ZPACK.dkoqzt | 0.28.6.64267 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.1.28.13 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_FAKEREAN.XY | 7.2.28 |
| Trend Micro | TROJ_FAKEREAN.XY | 10.465.28 |
| VIPRE Antivirus | FraudTool.Win32.FakeRean | 35952 |

File size:
81 KB (82,944 bytes)

Product version:
1.1.0

Copyright:
Copyright EmiSoft Company

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\fvqkdrvd.exe_

File PE Metadata
Compilation timestamp:
12/12/2014 3:20:38 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
1.71

CTPH (ssdeep):
1536:aca8x7l1B832YGasVSXEZcc+COYaMOV/fpRIWfEYoSKCsU6zVT:a3wlz8mikq0+Q6V/fpTfEf5nh

Entry address:
0x1FD000

Entry point:
55, 89, E5, 81, EC, E8, 00, 00, 00, 6A, 00, FF, 15, 40, 90, 5E, 00, 89, 45, FC, C7, 85, 34, FF, FF, FF, 30, 00, 00, 00, C7, 85, 38, FF, FF, FF, 00, 00, 00, 00, C7, 85, 3C, FF, FF, FF, E5, D0, 5F, 00, C7, 85, 40, FF, FF, FF, 00, 00, 00, 00, C7, 85, 44, FF, FF, FF, 00, 00, 00, 00, 8B, 45, FC, 89, 85, 48, FF, FF, FF, C7, 85, 4C, FF, FF, FF, 00, 00, 00, 00, C7, 85, 50, FF, FF, FF, 00, 00, 00, 00, C7, 85, 54, FF, FF, FF, 10, 00, 00, 00, C7, 85, 58, FF, FF, FF, 00, 00, 00, 00, C7, 85, 5C, FF, FF, FF, 28, 10, 40...
 

Entropy:
7.8834  (probably packed)

Code size:
1024 Bytes (1,024 bytes)
