File explorer.exe received on 11.27.2008 14:45:57 (CET)
Current status: finished
Result: 31/37 (83.78%)
Antivirus Version Last Update Result
AhnLab-V3 2008.11.27.4 2008.11.27 -
AntiVir 7.9.0.35 2008.11.27 W32/Virut.U
Authentium 5.1.0.4 2008.11.27 W32/Virut.10496
Avast 4.8.1281.0 2008.11.27 Win32:Virut
AVG 8.0.0.199 2008.11.27 Win32/Virut
BitDefender 7.2 2008.11.27 Win32.Virtob.Gen.9
CAT-QuickHeal 10.00 2008.11.27 W32.Virut.D
ClamAV 0.94.1 2008.11.27 W32.Virut.Gen.C-16
DrWeb 4.44.0.09170 2008.11.27 Win32.Virut.5
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6233 2008.11.27 Win32/Virut.10494
Ewido 4.0 2008.11.27 -
F-Prot 4.4.4.56 2008.11.27 W32/Virut.10496
F-Secure 8.0.14332.0 2008.11.27 Virus.Win32.Virut.n
Fortinet 3.117.0.0 2008.11.27 W32/Virut.G
GData 19 2008.11.27 Win32.Virtob.Gen.9
Ikarus T3.1.1.45.0 2008.11.27 Trojan.Win32.Patched
K7AntiVirus 7.10.534 2008.11.26 Virus.Win32.Virut.Generic
Kaspersky 7.0.0.125 2008.11.27 Virus.Win32.Virut.n
McAfee 5446 2008.11.26 W32/Virut.gen
McAfee+Artemis 5446 2008.11.26 W32/Virut.gen
Microsoft 1.4104 2008.11.27 Virus:Win32/Virut.AF
NOD32 3645 2008.11.27 Win32/Virut.O
Norman 5.80.02 2008.11.26 W32/Virut.N
Panda 9.0.0.4 2008.11.27 W32/Virutas.gen
PCTools 4.4.2.0 2008.11.27 Win32.Virut.Gen.5
Prevx1 V2 2008.11.27 -
Rising 21.05.32.00 2008.11.27 Win32.Virut.GEN
SecureWeb-Gateway 6.7.6 2008.11.27 Win32.Virut.U
Sophos 4.35.0 2008.11.27 W32/Vetor-A
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.27 W32.Virut.U
TheHacker 6.3.1.1.164 2008.11.27 W32/Virut.q
TrendMicro 8.700.0.1004 2008.11.27 PE_VIRUT.XL-3
VBA32 3.12.8.9 2008.11.26 -
ViRobot 2008.11.27.1489 2008.11.27 Win32.Virut.G
VirusBuster 4.5.11.0 2008.11.26 Win32.Virut.Gen.5
Additional information
File size: 1043968 bytes
MD5...: 400b7a5018a424378e47017c5b2ec221
SHA1..: ab0c30d01a89a79f11b5f3bea483c2efcf230da5
SHA256: 91563ed53133b1c0ab00d2bb9c9fd87bff7ca4ecf17278699820438da89e579f
SHA512: e4d3182601fcf5ce50aa9b9df6d83f61bee4a31efc721a1cbbc72d09e37eda3b
f1be5f786e51fc31b1cd67ac8bf55a2af4195adc54c11531b9f73b682eb0225b
ssdeep: 12288:eRFHB/IwCDrA6FWVz0v/1oHWr2Rkf8I+skzaz1/g/J/vHyM/:ezhQwCDE6
FCOLakf8I+sko1/g/J//yk
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x101a8ce
timedatestamp.....: 0xa0a0a0a0L (invalid)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x44ad9 0x44c00 6.36 84408e6eef820cc801b8ddf30a7e0929
.data 0x46000 0x1db4 0x1800 1.30 25fdde5ea7a06e94390eb8773b825a55
.rsrc 0x48000 0xb2278 0xb2400 6.63 b82ace172bfa53b11b99e63c7ac67c26
.reloc 0xfb000 0xb800 0x6200 7.49 1cfef3b19d86a730debaae4745c920f0
( 13 imports )
> ADVAPI32.dll: RegSetValueW, RegEnumKeyExW, GetUserNameW, RegNotifyChangeKeyValue, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyW, RegCloseKey, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegQueryValueW
> BROWSEUI.dll: -, -, -, -
> GDI32.dll: GetStockObject, CreatePatternBrush, OffsetViewportOrgEx, GetLayout, CombineRgn, CreateDIBSection, GetTextExtentPoint32W, StretchBlt, SetTextColor, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, PatBlt, GetBkColor, CreateCompatibleDC, CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, SetBkColor, BitBlt, ExtTextOutW, GetTextExtentPointW, GetClipBox, GetObjectW, CreateRectRgnIndirect, SetBkMode, CreateFontIndirectW, DeleteObject, GetTextMetricsW, SelectObject, GetDeviceCaps, TranslateCharsetInfo, SetStretchBltMode
> KERNEL32.dll: GetSystemDirectoryW, CreateThread, CreateJobObjectW, ExitProcess, SetProcessShutdownParameters, ReleaseMutex, CreateMutexW, SetPriorityClass, GetCurrentProcess, GetStartupInfoW, GetCommandLineW, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, ResetEvent, LoadLibraryExA, CompareFileTime, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentThreadId, GetThreadPriority, GetCurrentThread, GetUserDefaultLangID, Sleep, GetBinaryTypeW, GetModuleHandleExW, SystemTimeToFileTime, GetLocalTime, GetCurrentProcessId, GetEnvironmentVariableW, UnregisterWait, GlobalGetAtomNameW, GetFileAttributesW, MoveFileW, lstrcmpW, LoadLibraryExW, FindClose, FindNextFileW, FindFirstFileW, lstrcmpiA, SetEvent, AssignProcessToJobObject, GetDateFormatW, GetTimeFormatW, FlushInstructionCache, lstrcpynW, GetSystemWindowsDirectoryW, SetLastError, GetProcessHeap, HeapFree, HeapReAlloc, HeapSize, HeapAlloc, GetUserDefaultLCID, ReadProcessMemory, OpenProcess, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, ResumeThread, TerminateProcess, TerminateThread, GetSystemDefaultLCID, GetLocaleInfoW, CreateEventW, GetLastError, RegisterWaitForSingleObject, OpenEventW, WaitForSingleObject, GetTickCount, ExpandEnvironmentStringsW, GetModuleFileNameW, GetPrivateProfileStringW, lstrcmpiW, CreateProcessW, FreeLibrary, GetWindowsDirectoryW, LocalAlloc, CreateFileW, DeviceIoControl, LocalFree, GetQueuedCompletionStatus, CreateIoCompletionPort, SetInformationJobObject, CloseHandle, LoadLibraryW, GetModuleHandleW, ActivateActCtx, DeactivateActCtx, DelayLoadFailureHook, GetProcAddress, DeleteCriticalSection, CreateEventA, HeapDestroy, InitializeCriticalSection, GetFileAttributesExW, MulDiv, lstrlenW, InterlockedDecrement, InterlockedIncrement, GlobalAlloc, InterlockedExchange, GetModuleHandleA, GetVersionExA, GlobalFree, GetProcessTimes, lstrcpyW, GetLongPathNameW, 
InitializeCriticalSectionAndSpinCount
> msvcrt.dll: _itow, free, memmove, realloc, _except_handler3, malloc, _ftol, _vsnwprintf
> ntdll.dll: RtlNtStatusToDosError, NtQueryInformationProcess
> ole32.dll: CoFreeUnusedLibraries, RegisterDragDrop, CreateBindCtx, RevokeDragDrop, CoInitializeEx, CoUninitialize, OleInitialize, CoRevokeClassObject, CoRegisterClassObject, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, OleUninitialize, DoDragDrop
> OLEAUT32.dll: -, -
> SHDOCVW.dll: -, -, -
> SHELL32.dll: -, SHGetFolderPathW, -, -, -, -, -, ExtractIconExW, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, ShellExecuteExW, -, -, -, -, -, -, -, SHBindToParent, -, -, -, SHParseDisplayName, -, -, -, -, -, -, SHGetSpecialFolderLocation, -, -, -, -, SHGetSpecialFolderPathW, -, -, -, -, -, SHChangeNotify, SHGetDesktopFolder, SHAddToRecentDocs, -, -, -, DuplicateIcon, -, -, -, -, -, -, -, -, SHUpdateRecycleBinIcon, SHGetFolderLocation, SHGetPathFromIDListA, -, -, -, -, -, -, -, SHGetPathFromIDListW, -, -, -
> SHLWAPI.dll: StrCpyNW, -, -, -, -, StrRetToBufW, StrRetToStrW, -, -, -, -, SHQueryValueExW, PathIsNetworkPathW, -, AssocCreate, -, -, -, -, -, StrCatW, StrCpyW, -, -, -, -, -, -, -, SHGetValueW, -, StrCmpNIW, PathRemoveBlanksW, PathRemoveArgsW, PathFindFileNameW, StrStrIW, PathGetArgsW, -, StrToIntW, SHRegGetBoolUSValueW, SHRegWriteUSValueW, SHRegCloseUSKey, SHRegCreateUSKeyW, SHRegGetUSValueW, SHSetValueW, -, PathAppendW, PathUnquoteSpacesW, -, -, PathQuoteSpacesW, -, SHSetThreadRef, SHCreateThreadRef, -, -, -, PathCombineW, -, -, -, SHStrDupW, PathIsPrefixW, PathParseIconLocationW, AssocQueryKeyW, -, AssocQueryStringW, StrCmpW, -, -, -, -, -, -, -, -, SHRegQueryUSValueW, SHRegOpenUSKeyW, SHRegSetUSValueW, PathIsDirectoryW, PathFileExistsW, PathGetDriveNumberW, -, StrChrW, PathFindExtensionW, -, -, PathRemoveFileSpecW, PathStripToRootW, -, -, -, SHOpenRegStream2W, -, -, -, StrDupW, SHDeleteValueW, StrCatBuffW, SHDeleteKeyW, StrCmpIW, -, -, wnsprintfW, -, StrCmpNW, -, -
> USER32.dll: TileWindows, GetDoubleClickTime, GetSystemMetrics, GetSysColorBrush, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetParent, GetMessagePos, CheckDlgButton, EnableWindow, GetDlgItemInt, SetDlgItemInt, CopyIcon, AdjustWindowRectEx, DrawFocusRect, DrawEdge, ExitWindowsEx, WindowFromPoint, SetRect, AppendMenuW, LoadAcceleratorsW, LoadBitmapW, SendNotifyMessageW, SetWindowPlacement, CheckMenuItem, EndDialog, SendDlgItemMessageW, MessageBeep, GetActiveWindow, PostQuitMessage, MoveWindow, GetDlgItem, RemovePropW, GetClassNameW, GetDCEx, SetCursorPos, ChildWindowFromPoint, ChangeDisplaySettingsW, RegisterHotKey, UnregisterHotKey, SetCursor, SendMessageTimeoutW, GetWindowPlacement, LoadImageW, SetWindowRgn, IntersectRect, OffsetRect, EnumDisplayMonitors, RedrawWindow, SubtractRect, TranslateAcceleratorW, WaitMessage, InflateRect, CallWindowProcW, GetDlgCtrlID, SetCapture, LockSetForegroundWindow, CopyRect, SystemParametersInfoW, FindWindowW, CreatePopupMenu, GetMenuDefaultItem, DestroyMenu, GetShellWindow, EnumChildWindows, GetWindowLongW, SendMessageW, RegisterWindowMessageW, GetKeyState, MonitorFromRect, MonitorFromPoint, RegisterClassW, SetPropW, GetWindowLongA, SetWindowLongW, FillRect, GetCursorPos, PtInRect, MessageBoxW, LoadStringW, ReleaseDC, GetDC, EnumDisplaySettingsExW, EnumDisplayDevicesW, PostMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, BeginPaint, EndPaint, SetWindowTextW, GetAsyncKeyState, InvalidateRect, GetWindow, ShowWindowAsync, TrackPopupMenuEx, UpdateWindow, DestroyIcon, IsRectEmpty, SetActiveWindow, GetSysColor, DrawTextW, IsHungAppWindow, SetTimer, GetMenuItemID, TrackPopupMenu, EndTask, SendMessageCallbackW, GetClassLongW, LoadIconW, OpenInputDesktop, CloseDesktop, SetScrollPos, ShowWindow, BringWindowToTop, GetDesktopWindow, CascadeWindows, CharUpperBuffW, SwitchToThisWindow, InternalGetWindowText, GetScrollInfo, GetMenuItemCount, ModifyMenuW, CreateWindowExW, DialogBoxParamW, 
MsgWaitForMultipleObjects, CharNextA, RegisterClipboardFormatW, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, PrintWindow, SetClassLongW, GetPropW, GetNextDlgGroupItem, GetNextDlgTabItem, ChildWindowFromPointEx, IsChild, NotifyWinEvent, TrackMouseEvent, GetCapture, GetAncestor, CharUpperW, SetWindowLongA, DrawCaption, InsertMenuW, IsWindowEnabled, GetMenuState, LoadCursorW, GetParent, IsDlgButtonChecked, DestroyWindow, EnumWindows, IsWindowVisible, GetClientRect, UnionRect, EqualRect, GetWindowThreadProcessId, GetForegroundWindow, KillTimer, GetClassInfoExW, DefWindowProcW, RegisterClassExW, GetIconInfo, SetScrollInfo, GetLastActivePopup, SetForegroundWindow, IsWindow, GetSystemMenu, IsIconic, IsZoomed, EnableMenuItem, SetMenuDefaultItem, MonitorFromWindow, GetMonitorInfoW, GetWindowInfo, GetFocus, SetFocus, MapWindowPoints, ScreenToClient, ClientToScreen, GetWindowRect, SetWindowPos, DeleteMenu, GetMenuItemInfoW, SetMenuItemInfoW, CharNextW
> UxTheme.dll: GetThemeBackgroundContentRect, GetThemeBool, GetThemePartSize, DrawThemeParentBackground, OpenThemeData, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, CloseThemeData, SetWindowTheme, GetThemeBackgroundRegion, -, GetThemeMargins, GetThemeColor, GetThemeFont, GetThemeRect, IsAppThemed
( 0 exports )
File ctfmon.exe received on 11.27.2008 14:47:52 (CET)
Current status: finished
Result: 34/37 (91.89%)
Antivirus Version Last Update Result
AhnLab-V3 2008.11.27.4 2008.11.27 Win32/Virut.C
AntiVir 7.9.0.35 2008.11.27 W32/Virut.U
Authentium 5.1.0.4 2008.11.27 W32/Virut.10496
Avast 4.8.1281.0 2008.11.27 Win32:Virut
AVG 8.0.0.199 2008.11.27 Win32/Virut
BitDefender 7.2 2008.11.27 Win32.Virtob.Gen.9
CAT-QuickHeal 10.00 2008.11.27 W32.Virut.D
ClamAV 0.94.1 2008.11.27 W32.Virut.Gen.C-99
DrWeb 4.44.0.09170 2008.11.27 Win32.Virut.5
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6233 2008.11.27 Win32/Virut.10494
Ewido 4.0 2008.11.27 -
F-Prot 4.4.4.56 2008.11.27 W32/Virut.10496
F-Secure 8.0.14332.0 2008.11.27 Virus.Win32.Virut.n
Fortinet 3.117.0.0 2008.11.27 W32/MetaCrypt.2
GData 19 2008.11.27 Win32.Virtob.Gen.9
Ikarus T3.1.1.45.0 2008.11.27 Virus.Win32.Virut.q
K7AntiVirus 7.10.534 2008.11.26 Virus.Win32.Virut.Generic
Kaspersky 7.0.0.125 2008.11.27 Virus.Win32.Virut.n
McAfee 5446 2008.11.26 W32/Virut.gen
McAfee+Artemis 5446 2008.11.26 W32/Virut.gen
Microsoft 1.4104 2008.11.27 Virus:Win32/Virut.AF
NOD32 3645 2008.11.27 Win32/Virut.O
Norman 5.80.02 2008.11.26 W32/Virut.N
Panda 9.0.0.4 2008.11.27 W32/Virutas.gen
PCTools 4.4.2.0 2008.11.27 Win32.Virut.Gen.5
Prevx1 V2 2008.11.27 -
Rising 21.05.32.00 2008.11.27 Win32.Virut.aw
SecureWeb-Gateway 6.7.6 2008.11.27 Win32.Virut.U
Sophos 4.35.0 2008.11.27 W32/Vetor-A
Sunbelt 3.1.1832.2 2008.11.27 Win32.Virut.xl (v)
Symantec 10 2008.11.27 W32.Virut.U
TheHacker 6.3.1.1.164 2008.11.27 W32/Virut.q
TrendMicro 8.700.0.1004 2008.11.27 PE_VIRUT.XL-1
VBA32 3.12.8.9 2008.11.26 Virus.Win32.Virut.f
ViRobot 2008.11.27.1489 2008.11.27 Win32.Virut.G
VirusBuster 4.5.11.0 2008.11.26 Win32.Virut.Gen.5
Additional information
File size: 26112 bytes
MD5...: ede0a1eb9a8d92787bc2d8928e9f3135
SHA1..: c6b0d0e81e64c62f19e8eebed24bf3e73985c9dc
SHA256: 2d116a2142b355da0e2d8e77edc899b3e1b153da74c0d73a186e146605651717
SHA512: 0ed97b445c29751285d754d4e090cb741a8a8e6df9bda4a5d1f241b97846329b
bfbb220382a069fde0309648598713c2ec558d62ebdd707f7867e6ffd5b32c3e
ssdeep: 768:3AJpITIaWh9gn+16oJwYGKHUX9LCc8DuB:3AY/ig+1Z9LHUX9LCc8DK
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x405a00
timedatestamp.....: 0xa0a0a0a0L (invalid)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2ab8 0x2c00 6.75 d34df1f2640fde4abe70f6471c488040
.data 0x4000 0x210 0x200 1.07 bd8c5cd346a9f53dc0dbc69260ab2240
.rsrc 0x5000 0x8a00 0x3400 7.58 64b031dbb5ea584a8a2295280d106e89
( 6 imports )
> msvcrt.dll: _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _cexit, _XcptFilter, _exit, _c_exit
> ADVAPI32.dll: RegDeleteValueA, RegOpenKeyExA, RegCloseKey, RegSetValueExA, RegCreateKeyA, RegCreateKeyExA
> KERNEL32.dll: lstrcpynA, lstrlenA, GetSystemDirectoryA, GetSystemWindowsDirectoryA, GetVersionExA, GetACP, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, LocalFree, CloseHandle, ResetEvent, OpenEventA, CreateProcessA, lstrcatA, GetSystemInfo, lstrcmpiA, FreeLibrary, LoadLibraryA, CreateEventA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetModuleHandleA, GetStartupInfoA, LocalAlloc, GetProcAddress
> USER32.dll: EnumWindows, GetClassNameA, FindWindowA, PostMessageA, SetTimer, KillTimer, MsgWaitForMultipleObjects, PeekMessageA, TranslateMessage, DispatchMessageA, GetMessageA, SetWindowPos, LoadCursorA, RegisterClassExA, DefWindowProcA, PostQuitMessage, CreateWindowExA, GetSystemMetrics
> MSCTF.dll: TF_InitSystem, TF_GetGlobalCompartment, TF_InvalidAssemblyListCacheIfExist, TF_InvalidAssemblyListCache, TF_PostAllThreadMsg, TF_CreateCicLoadMutex, TF_UninitSystem
> MSUTB.dll: ClosePopupTipbar, GetPopupTipbar
( 0 exports )
Current status: finished
Result: 2/37 (5.41%)
Antivirus Version Last Update Result
AhnLab-V3 2008.11.27.4 2008.11.27 -
AntiVir 7.9.0.35 2008.11.27 -
Authentium 5.1.0.4 2008.11.27 -
Avast 4.8.1281.0 2008.11.27 -
AVG 8.0.0.199 2008.11.27 -
BitDefender 7.2 2008.11.27 -
CAT-QuickHeal 10.00 2008.11.27 -
ClamAV 0.94.1 2008.11.27 -
DrWeb 4.44.0.09170 2008.11.27 -
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6233 2008.11.27 -
Ewido 4.0 2008.11.27 -
F-Prot 4.4.4.56 2008.11.27 -
F-Secure 8.0.14332.0 2008.11.27 Suspicious:W32/SCKeyLog!Gemini
Fortinet 3.117.0.0 2008.11.27 -
GData 19 2008.11.27 -
Ikarus T3.1.1.45.0 2008.11.27 -
K7AntiVirus 7.10.536 2008.11.27 -
Kaspersky 7.0.0.125 2008.11.27 -
McAfee 5447 2008.11.27 -
McAfee+Artemis 5446 2008.11.26 -
Microsoft 1.4104 2008.11.27 -
NOD32 3646 2008.11.27 -
Norman 5.80.02 2008.11.27 -
Panda 9.0.0.4 2008.11.27 -
PCTools 4.4.2.0 2008.11.27 -
Prevx1 V2 2008.11.27 -
Rising 21.05.32.00 2008.11.27 -
SecureWeb-Gateway 6.7.6 2008.11.27 -
Sophos 4.35.0 2008.11.27 -
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.27 -
TheHacker 6.3.1.1.165 2008.11.27 -
TrendMicro 8.700.0.1004 2008.11.27 -
VBA32 3.12.8.9 2008.11.27 suspected of Win32.BrokenEmbeddedSignature (paranoid heuristics)
ViRobot 2008.11.27.1489 2008.11.27 -
VirusBuster 4.5.11.0 2008.11.27 -
Additional information
File size: 51224 bytes
MD5...: c7abd7cfda6a1ae6caa0c18b2a50f349
SHA1..: 42f0eef83eaf617f89630f8c96c2b487b537e9c8
SHA256: 8ec0d50b82d8eb28ee0ef62002d5cccbfae65cd14f7ba2c8669c527aa6b0cd04
SHA512: 001ddc34b43634ca4df5dba49d3c91df6a0822bdc76ee0f317119a7b3ffe92be
57a08b53672a1d46ae0ed8d822c632cdc67a4c8666c093f7333c4253c4d87caa
ssdeep: 768:e53FKsUAg+c6uzJBXJDy0g1FX3vxBytplKKEf/jKv:sLcDzfXSh/x0Pq/k
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4042dd
timedatestamp.....: 0x48f7aa62 (Thu Oct 16 20:56:02 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8c84 0x8e00 6.00 dbf65b54e3f456d05e8a50068f958b51
.data 0xa000 0xd54 0x400 5.81 aea75c550ab527cbfba56bc33d16ea93
.rsrc 0xb000 0x7b8 0x800 4.55 6daa37f1a45c1959bcc0022df0317156
.reloc 0xc000 0xc8a 0xe00 3.10 56fa4b399c6d09575836259c52cf6c40
( 6 imports )
> KERNEL32.dll: CreateFileW, CreateDirectoryW, GetFileAttributesW, ExpandEnvironmentStringsW, lstrlenW, CreateProcessW, VerSetConditionMask, VerifyVersionInfoW, LoadLibraryW, OutputDebugStringW, WriteFile, FlushFileBuffers, GetModuleFileNameW, InterlockedIncrement, InterlockedDecrement, GetSystemTime, GetLastError, SetLastError, GetFileSize, CreateFileMappingW, MapViewOfFile, UnmapViewOfFile, SetFilePointer, SetEndOfFile, ReleaseMutex, WaitForSingleObject, CreateMutexW, CloseHandle, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, RtlUnwind, GetStartupInfoW, GetTimeZoneInformation, SystemTimeToTzSpecificLocalTime, GetSystemDirectoryW, LoadLibraryExW, GetDriveTypeW, GetVolumePathNameW, GetFileType, GetSystemInfo, GetModuleHandleW, CompareStringW, GetProcessHeap, HeapFree, HeapAlloc, GetCommandLineW, FreeLibrary, OpenEventW, GetProcAddress, WideCharToMultiByte, InterlockedExchange, Sleep, InterlockedCompareExchange
> msvcrt.dll: __dllonexit, _unlock, _controlfp, _terminate@@YAXXZ, free, malloc, memmove, memcpy, memset, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _wcmdln, exit, _XcptFilter, _lock, _cexit, __wgetmainargs, _vsnwprintf, _onexit, _exit
> ole32.dll: CoTaskMemFree, CoUninitialize, CoCreateInstance, CoInitialize, CoInitializeEx
> ADVAPI32.dll: AllocateAndInitializeSid, FreeSid, GetTokenInformation, DuplicateTokenEx, CheckTokenMembership, IsValidSid, CopySid, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, GetUserNameW, GetLengthSid, InitializeAcl, AddAccessAllowedAce, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegOpenKeyExW, RegCloseKey
> OLEAUT32.dll: -, -
> SHLWAPI.dll: StrRChrW, -, PathStripToRootW, PathIsRelativeW, StrChrW, PathIsRootW, PathIsUNCW
( 0 exports )
File userinit.exe received on 11.27.2008 20:19:56 (CET)
Current status: finished
Result: 34/37 (91.9%)
Antivirus Version Last Update Result
AhnLab-V3 2008.11.27.4 2008.11.27 Win32/Virut.C
AntiVir 7.9.0.35 2008.11.27 W32/Virut.U
Authentium 5.1.0.4 2008.11.27 W32/Virut.10496
Avast 4.8.1281.0 2008.11.27 Win32:Virut
AVG 8.0.0.199 2008.11.27 Win32/Virut
BitDefender 7.2 2008.11.27 Win32.Virtob.Gen.9
CAT-QuickHeal 10.00 2008.11.27 W32.Virut.D
ClamAV 0.94.1 2008.11.27 W32.Virut.Gen.C-50
DrWeb 4.44.0.09170 2008.11.27 Win32.Virut.5
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6233 2008.11.27 Win32/Virut.10494
Ewido 4.0 2008.11.27 -
F-Prot 4.4.4.56 2008.11.27 W32/Virut.10496
F-Secure 8.0.14332.0 2008.11.27 Virus.Win32.Virut.n
Fortinet 3.117.0.0 2008.11.27 W32/MetaCrypt.1
GData 19 2008.11.27 Win32.Virtob.Gen.9
Ikarus T3.1.1.45.0 2008.11.27 Virus.Win32.Virut.q
K7AntiVirus 7.10.536 2008.11.27 Virus.Win32.Virut.Generic
Kaspersky 7.0.0.125 2008.11.27 Virus.Win32.Virut.n
McAfee 5447 2008.11.27 W32/Virut.gen
McAfee+Artemis 5446 2008.11.26 W32/Virut.gen
Microsoft 1.4104 2008.11.27 Virus:Win32/Virut.AF
NOD32 3646 2008.11.27 Win32/Virut.O
Norman 5.80.02 2008.11.27 W32/Virut.N
Panda 9.0.0.4 2008.11.27 W32/Virutas.gen
PCTools 4.4.2.0 2008.11.27 Win32.Virut.Gen.5
Prevx1 V2 2008.11.27 -
Rising 21.05.32.00 2008.11.27 Win32.Virut.aw
SecureWeb-Gateway 6.7.6 2008.11.27 Win32.Virut.U
Sophos 4.35.0 2008.11.27 W32/Vetor-A
Sunbelt 3.1.1832.2 2008.11.27 Win32.Virut.xl (v)
Symantec 10 2008.11.27 W32.Virut.U
TheHacker 6.3.1.1.165 2008.11.27 W32/Virut.q
TrendMicro 8.700.0.1004 2008.11.27 PE_VIRUT.XL-4
VBA32 3.12.8.9 2008.11.27 Virus.Win32.Virut.f
ViRobot 2008.11.27.1489 2008.11.27 Win32.Virut.G
VirusBuster 4.5.11.0 2008.11.27 Win32.Virut.Gen.5
Additional information
File size: 101376 bytes
MD5...: 244a740a7532116612be749e2544abf2
SHA1..: 2a8a3966c2ffb4678831c677246b6decf6e916cb
SHA256: dec051a43a45b09de17b0287780ab0ab4c1362711bb3c04f477b55142f32e5f5
SHA512: 9f6e0f77ff0e84fc7c517d1b2718c6dd111fb0a013ee304145b909fa289ab0a9
a18665d06c0f0d7f035235c28ca99a3599d91ca1b74e002f67b4ec1080da6794
ssdeep: 1536:tJRxIEVBvT2aLarPUO7c/JoHubFhd6xmRqoISVMMd:tJRxI0JYPUO7cVwxm
RqHSV
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x100fc00
timedatestamp.....: 0xa0a0a0a0L (invalid)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x4db8 0x4e00 6.01 c14f5a77277e38c1c8f1c529d870d350
.data 0x6000 0x14c 0x200 1.86 cbb599f9267bf53209039d14a3574eb1
.rsrc 0x7000 0x18c00 0x13800 4.29 724257f8975db04fb9332025e1abd9fb
( 7 imports )
> USER32.dll: CreateWindowExW, DestroyWindow, RegisterClassExW, DefWindowProcW, LoadRemoteFonts, wsprintfW, GetSystemMetrics, GetKeyboardLayout, SystemParametersInfoW, GetDesktopWindow, LoadStringW, MessageBoxW, ExitWindowsEx, CharNextW
> ADVAPI32.dll: RegOpenKeyExA, ReportEventW, RegisterEventSourceW, DeregisterEventSource, OpenProcessToken, RegCreateKeyExW, RegSetValueExW, GetUserNameW, RegQueryValueExW, RegOpenKeyExW, RegQueryInfoKeyW, RegCloseKey, RegQueryValueExA
> CRYPT32.dll: CryptProtectData
> WINSPOOL.DRV: SpoolerInit
> ntdll.dll: RtlLengthSid, RtlCopySid, _itow, RtlFreeUnicodeString, DbgPrint, wcslen, wcscpy, wcscat, wcscmp, RtlInitUnicodeString, NtOpenKey, NtClose, _wcsicmp, memmove, NtQueryInformationToken, RtlConvertSidToUnicodeString
> msvcrt.dll: _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, __setusermatherr, __getmainargs, _acmdln, exit, _cexit, _XcptFilter, _exit, _c_exit, _initterm, _adjust_fdiv
> KERNEL32.dll: GetVersionExW, LocalFree, LocalAlloc, GetEnvironmentVariableW, SetEnvironmentVariableW, lstrlenW, lstrcpyW, FreeLibrary, GetProcAddress, LoadLibraryW, CompareFileTime, CloseHandle, lstrcatW, WaitForSingleObject, DelayLoadFailureHook, GetStartupInfoA, GetModuleHandleA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, LoadLibraryA, InterlockedCompareExchange, LocalReAlloc, GetSystemTime, lstrcmpW, GetCurrentThread, SetThreadPriority, CreateThread, GetFileAttributesExW, GetSystemDirectoryW, SetCurrentDirectoryW, FormatMessageW, lstrcmpiW, GetCurrentProcess, GetUserDefaultLangID, GetCurrentProcessId, ExpandEnvironmentStringsW, SetEvent, OpenEventW, Sleep, GetLastError, SearchPathW, CreateProcessW
( 0 exports )