perfvwr.dll

Performance Analyze Library

Although the file properties name 'Microsoft Corporation' as the developer, the file was not produced by Microsoft; it is designed to look like a legitimate Microsoft system file. The library perfvwr.dll, “Performance Analyze Library”, has been detected as malware by 35 anti-virus scanners.
Publisher:
Microsoft Corporation*  (Invalid match)

Product:
Microsoft® Windows® Operating System

Description:
Performance Analyze Library

Version:
5.1.2600.5512 (xpsp.080413-2108)

MD5:
65ba85102aaec5daf021f9bfb9cddd16

SHA-1:
2cca5a0191e6e3709da877c6289c0fab4305ac74

SHA-256:
f9feee6ebbc3dc0d35eea8bf00fc96cf075d59588621b0132b423a4bbf4427d4

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/24/2024 8:49:45 AM UTC

Scan engine                    Detection                                   Engine version
Lavasoft Ad-Aware              Trojan.Downloader.Agent.AAQK                836
Agnitum Outpost                Trojan.DL.Agent                             7.1.1
AhnLab V3 Security             Trojan/Win32.DDoS                           2014.08.15
Avira AntiVirus                TR/Dldr.Agent.pag                           7.11.167.110
avast!                         Win32:Trojan-gen                            2014.9-141022
AVG                            Agent2                                      2015.0.3314
Baidu Antivirus                Trojan.Win32.Downloader                     4.0.3.141022
Bitdefender                    Trojan.Downloader.Agent.AAQK                1.0.20.1475
Bkav FE                        W32.OnlineGameGLISC.Trojan                  1.3.0.4959
Clam AntiVirus                 Trojan.Downloader-73527                     0.98/21411
Comodo Security                TrojWare.Win32.TrojanDownloader.Agent.chwx  19193
Dr.Web                         DDoS.Config.6                               9.0.1.0295
Emsisoft Anti-Malware          Trojan.Downloader.Agent.AAQK                8.14.10.22.03
ESET NOD32                     Win32/Lyzapo                                8.10257
Fortinet FortiGate             W32/Agent.CHWX!tr.dldr                      10/22/2014
F-Prot                         W32/Downldr2.FZUB                           v6.4.7.1.166
F-Secure                       Trojan.Downloader.Agent.AAQK                11.2014-22-10_4
G Data                         Trojan.Downloader.Agent.AAQK                14.10.24
K7 AntiVirus                   Trojan                                      13.183.13054
Kaspersky                      Trojan-Downloader.Win32.Agent               14.0.0.3064
McAfee                         W32/Mydoom.cf.dll                           5600.6970
Microsoft Security Essentials  Trojan:Win32/Lyzapo.A                       1.10802
MicroWorld eScan               Trojan.Downloader.Agent.AAQK                15.0.0.885
NANO AntiVirus                 Trojan.Win32.Agent.cqjbmb                   0.28.2.61519
nProtect                       Trojan/W32.Agent.65536.LZ                   14.08.14.01
Panda Antivirus                W32/MyDoom.HN.worm                          14.10.22.03
Qihoo 360 Security             Win32/Trojan.Downloader.83e                 1.0.0.1015
Rising Antivirus               PE:Trojan.Win32.Generic.11E997C9!300521417  23.00.65.141020
Sophos                         Troj/Agent-KLS                              4.98
Total Defense                  Win32/Mydoom.BS                             37.0.11121
Trend Micro House Call         WORM_MYDOOM.EA                              7.2.295
Trend Micro                    WORM_MYDOOM.EA                              10.465.22
Vba32 AntiVirus                TrojanDownloader.Agent                      3.12.26.3
VIPRE Antivirus                Backdoor.Generic                            32222
ViRobot                        Trojan.Win32.DDoS-Agent.65536               2011.4.7.4223
File size:
64 KB (65,536 bytes)

Product version:
5.1.2600.5512

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
perfvwr.dll

File type:
Dynamic link library (Win32 DLL)

File PE Metadata
Compilation timestamp:
7/4/2009 9:38:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:6/L5t4HP4XD5TaJoKGHyzUaC9UztCVsaSDh:MtqSDoKy4akutCVsaSD

Entry address:
0x5594

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 14, FB, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 14, 12, 01, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 54, C2, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...

Entropy:
6.3512

Developed / compiled with:
Microsoft Visual C++

Code size:
43.5 KB (44,544 bytes)
