recorder.exe

Plus

The application recorder.exe has been detected as a potentially unwanted program by 26 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
Product: Plus

Version: 1.0.0.0

MD5: 5ac482ce76d20e22db048834be5c1c01

SHA-1: 466c416ad03fed672841b2646bd62d7b75e4c153

Scanner detections: 26 / 68

Status: Potentially unwanted

Analysis date: 11/29/2024 4:31:03 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Barys.55351 | -40 |
| Avira AntiVirus | ADWARE/Dotdo.bygax | 8.3.3.4 |
| Arcabit | Trojan.Barys.DD837 | 1.0.0.792 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-170316 |
| AVG | Downloader | 2018.0.2438 |
| Bitdefender | Gen:Variant.Barys.55351 | 1.0.20.375 |
| Emsisoft Anti-Malware | Gen:Variant.Barys.55351 | 8.17.03.16.08 |
| ESET NOD32 | MSIL/Adware.Dotdo.AK (variant) | 11.14658 |
| Fortinet FortiGate | Adware/Dotdo | 3/16/2017 |
| F-Prot | W32/S-735f2067 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Barys.55351 | 11.2017-16-03_5 |
| G Data | Gen:Variant.Barys.55351 | 17.3.25 |
| IKARUS anti.virus | AdWare.MSIL.Dotdo | 0.1.3.4 |
| K7 AntiVirus | Adware | 13.246.21890 |
| Kaspersky | Trojan.MSIL.Inject | 14.0.0.-1317 |
| Malwarebytes | PUP.Optional.DotDo | v2017.03.16.08 |
| McAfee | PUP-XAP-DQ | 5600.6094 |
| MicroWorld eScan | Gen:Variant.Barys.55351 | 18.0.0.225 |
| Panda Antivirus | Trj/GdSda.A | 17.03.16.08 |
| Qihoo 360 Security | HEUR/QVM03.0.0000.Malware.Gen | 1.0.0.1120 |
| Reason Heuristics | Adware.Dotdo.ET (M) | 17.3.16.8 |
| Rising Antivirus | Trojan.Inject!8.103-6podiwNyJXI (cloud) | 23.00.65.17314 |
| Sophos | Generic PUA EG (PUA) | 4.98 |
| Trend Micro House Call | TROJ_GEN.R02EC0PLN16 | 7.2.75 |
| Trend Micro | TROJ_GEN.R02EC0PLN16 | 10.465.16 |
| VIPRE Antivirus | Trojan.Win32.Generic | 54710 |

File size: 584.5 KB (598,528 bytes)

Product version: 1.0.0.0

Copyright: Copyright © 2015

Original file name: mazzini.exe

File type: Executable application (Win32 EXE)

Language: Language Neutral

Common path: C:\windows\recorder.exe

File PE Metadata

Compilation timestamp: 10/25/2016 12:45:00 AM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 8.0

.NET CLR dependent: Yes

Entry address: 0x935EE

Entry point:
FF, 25, FC, 35, 49, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, 35, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, 0D, 0F, 58, 00, 00, 00, 00, 02, 00, 00, 00, 47, 00, 00, 00, 20, 36, 09, 00, 20, 18, 09, 00, 52, 53, 44, 53, F5, FC, 69, 2F, DC, B0, 46, 42, 88, 97, 4E, 92, DD, E3, 6E, 80, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 41, 64, 6D, 69, 6E, 69, 73, 74, 72, 61, 74, 6F, 72, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 62, 65, 61, 6D, 73, 5C, 62, 65, 61, 6D, 73, 2E, 70, 64, 62, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy: 5.8839

Code size: 582 KB (595,968 bytes)
