OK, I'm posting the copy for you
File name: mdyrk.sys
Submission date: 2010-08-31 14:40:40 (UTC)
Current status: finished
Result: 1/43 (2.3%)
Antivirus Version Last Update Result
AhnLab-V3 2010.08.31.01 2010.08.31 -
AntiVir 8.2.4.46 2010.08.31 -
Antiy-AVL 2.0.3.7 2010.08.31 -
Authentium 5.2.0.5 2010.08.31 -
Avast 4.8.1351.0 2010.08.31 -
Avast5 5.0.594.0 2010.08.31 -
AVG 9.0.0.851 2010.08.31 -
BitDefender 7.2 2010.08.31 -
CAT-QuickHeal 11.00 2010.08.31 -
ClamAV 0.96.2.0-git 2010.08.31 -
Comodo 5922 2010.08.31 -
DrWeb 5.0.2.03300 2010.08.31 -
Emsisoft 5.0.0.37 2010.08.31 -
eSafe 7.0.17.0 2010.08.30 Win32.TrojanHorse
eTrust-Vet 36.1.7828 2010.08.31 -
F-Prot 4.6.1.107 2010.08.31 -
F-Secure 9.0.15370.0 2010.08.31 -
Fortinet 4.1.143.0 2010.08.31 -
GData 21 2010.08.31 -
Ikarus T3.1.1.88.0 2010.08.31 -
Jiangmin 13.0.900 2010.08.30 -
K7AntiVirus 9.63.2396 2010.08.30 -
Kaspersky 7.0.0.125 2010.08.31 -
McAfee 5.400.0.1158 2010.08.31 -
McAfee-GW-Edition 2010.1B 2010.08.31 -
Microsoft 1.6103 2010.08.31 -
NOD32 5412 2010.08.31 -
Norman 6.05.11 2010.08.31 -
nProtect 2010-08-31.01 2010.08.31 -
Panda 10.0.2.7 2010.08.31 -
PCTools 7.0.3.5 2010.08.31 -
Prevx 3.0 2010.08.31 -
Rising 22.63.01.04 2010.08.31 -
Sophos 4.56.0 2010.08.31 -
Sunbelt 6817 2010.08.31 -
SUPERAntiSpyware 4.40.0.1006 2010.08.31 -
Symantec 20101.1.1.7 2010.08.31 -
TheHacker 6.5.2.1.359 2010.08.31 -
TrendMicro 9.120.0.1004 2010.08.31 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.31 -
VBA32 3.12.14.0 2010.08.31 -
ViRobot 2010.8.31.4017 2010.08.31 -
VirusBuster 5.0.27.0 2010.08.31 -
Additional information
MD5 : e6d35f3aa51a65eb35c1f2340154a25e
SHA1 : aabbd57e20d2e7041f9e7abce6cfd8a53c366537
SHA256: 3da4f51682e7d42c5569f1fb1adc6295182962e36f748219e1d0c8f2389ba516
ssdeep: 768:Bosx0q2ph6P2Jpz8ftoSUiJP7hYTCMrhwYKUzY4q:j076P2Jpz8ftBUMPaCMrhwY
File size : 54016 bytes
First seen: 2009-09-18 00:44:25
Last seen : 2010-08-31 14:40:40
TrID:
Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0xC505
timedatestamp....: 0x4A9EE5B5 (Wed Sep 02 21:37:57 2009)
machinetype......: 0x14c (I386)
[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x480, 0xBD9F, 0xBE00, 5.83, 9474f39576a0e15bdbaa2ea3355f0a4a
.rdata, 0xC280, 0x126, 0x180, 3.78, 375b710d9f213cfced30e9fdb29567e1
.data, 0xC400, 0xC0, 0x100, 0.33, 786971ca2b109729eda604b44d6c72ad
INIT, 0xC500, 0x3C8, 0x400, 5.20, eea49a93a73afb6afc178455582133c6
.reloc, 0xC900, 0x9EC, 0xA00, 6.62, bddd5a40c508bfc84ec87de5f8e6a5d3
[[ 1 import(s) ]]
ntoskrnl.exe: ZwWriteFile, RtlUpcaseUnicodeChar, ZwClose, ZwCreateFile, RtlInitUnicodeString, _wcsicmp, ZwQueryValueKey, ZwOpenKey, ZwDeleteKey, swprintf, ZwEnumerateKey, ExFreePoolWithTag, DbgPrint, ExAllocatePool, RtlPrefixUnicodeString, memcpy, RtlDeleteRegistryValue, ZwSetValueKey, RtlWriteRegistryValue, ZwEnumerateValueKey, ZwSetInformationFile, ZwQueryInformationFile, ZwQueryDirectoryFile, ZwOpenFile, KeTickCount, KeBugCheck, MmGetSystemRoutineAddress, ZwFlushKey, PsTerminateSystemThread, KeSetPriorityThread, KeGetCurrentThread, RtlCheckRegistryKey, KeDelayExecutionThread, ZwReadFile, PsCreateSystemThread, PsGetVersion, KeBugCheckEx