» pzfixnrnqd.exe
Overview
Analysis
File Details

pzfixnrnqd.exe

The application pzfixnrnqd.exe has been detected as a potentially unwanted program by 28 anti-malware scanners.

File name:

pzfixnrnqd.exe

MD5:

647426fa451f03201d2523bee730654a

SHA-1:

0c76632498551892b5c2e79d5a3faa42c3840464

SHA-256:

89861b549521f70ec939a18d2d32cb8da73dc422201416df530a6c870f05cff0

Scanner detections:

28 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 8:03:27 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win-Trojan/Xema.variant

2010.09.25

Avira AntiVirus

TR/CodecPack.kuz.65

7.10.12.30

avast!

Win32:FakeAV-AMX

2014.9-150905

AVG

Generic18

2016.0.2995

Bitdefender

Trojan.Generic.KD.23138

1.0.20.1240

Clam AntiVirus

Trojan.Fraudpack-4132

0.98/17211

Comodo Security

UnclassifiedMalware

6196

Dr.Web

Trojan.Fakealert.18538

9.0.1.0248

Emsisoft Anti-Malware

Trojan.Win32.FakeSpypro!IK

8.15.09.05.03

ESET NOD32

Win32/Adware.SpywareProtect2009

9.5479

Fortinet FortiGate

W32/Agent.OCZ!tr

9/5/2015

F-Prot

W32/FakeAlert.HP.gen

v6.4.6.2.117

F-Secure

Trojan.Generic.KD.23138

11.2015-05-09_7

G Data

Trojan.Generic.KD.23138

15.9.21

IKARUS anti.virus

Trojan.Win32.FakeSpypro

t3scan.1.1.88.0

K7 AntiVirus

Riskware

13.63.2608

Kaspersky

Trojan.Win32.Fraudpack

14.0.0.1472

McAfee

FakeAlert-SpyPro.gen.p

5600.6651

Microsoft Security Essentials

Rogue:Win32/FakeSpypro

1.163.1557.0

Norman

W32/Suspicious_Gen2.dam

11.20150905

nProtect

Trojan.Generic.KD.23138

10.09.25.01

Panda Antivirus

Adware/AntivirSolutionPro

15.09.05.03

Prevx

Medium Risk Malware

3.0

Quick Heal

FraudTool.SpyPro

9.15.11.00

Sophos

Troj/Agent-OCZ

4.58

Trend Micro House Call

TROJ_FAKELRT.SMT

7.2.248

Trend Micro

TROJ_FAKELRT.SMT

10.465.05

Vba32 AntiVirus

Adware.SpywareProtect2009

3.12.14.1

File size:

284.3 KB (291,072 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\pzfixnrnqd.exe

File PE Metadata

Compilation timestamp:

8/4/2005 2:14:23 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.6

CTPH (ssdeep):

6144:ljzfD3IjiY8khIcyK+HMefrp3G4AOuWcYdLf7iLbmZIsjsnQWA4:lvSvf+HMMpLCiLrsx

Entry address:

0x16C1

Entry point:

55, 8B, EC, 6A, 00, 2E, FF, 15, 40, 30, 42, 00, 83, F8, FF, 74, 3B, 50, 2E, FF, 15, 3C, 30, 42, 00, 83, F8, 00, 75, 2E, 6A, 00, 50, 2E, FF, 15, 44, 30, 42, 00, A9, A8, FF, F8, 7F, 74, 01, C3, 69, C0, 77, 92, 40, 5E, A9, 8E, 39, CD, 76, 75, 0F, 35, A2, D3, D0, 5E, 74, 10, 05, 43, 21, 5E, 28, 50, 75, DC, 6A, FF, FF, 15, 58, 30, 42, 00, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.6227

Developed / compiled with:

Microsoft Visual C++

Code size:

134.5 KB (137,728 bytes)

Remove pzfixnrnqd.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.