Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File 467D7D_1.WRK received on 2008.12.21 09:35:23 (UTC)
Current status: finished
Current status: finished
Result: 12/38 (31.58%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| AhnLab-V3 | 2008.12.19.3 | 2008.12.20 | - |
| AntiVir | 7.9.0.45 | 2008.12.19 | - |
| Authentium | 5.1.0.4 | 2008.12.20 | - |
| Avast | 4.8.1281.0 | 2008.12.20 | Win32:Spyware-gen |
| AVG | 8.0.0.199 | 2008.12.20 | PSW.Generic6.AUCB |
| BitDefender | 7.2 | 2008.12.21 | Trojan.Generic.1246574 |
| CAT-QuickHeal | 10.00 | 2008.12.20 | - |
| ClamAV | 0.94.1 | 2008.12.20 | - |
| Comodo | 783 | 2008.12.20 | TrojWare.Win32.Spy.KeyLogger.bgo |
| DrWeb | 4.44.0.09170 | 2008.12.21 | - |
| eSafe | 7.0.17.0 | 2008.12.18 | - |
| eTrust-Vet | 31.6.6271 | 2008.12.20 | - |
| Ewido | 4.0 | 2008.12.21 | - |
| F-Prot | 4.4.4.56 | 2008.12.20 | - |
| F-Secure | 8.0.14332.0 | 2008.12.21 | Trojan-Spy.Win32.KeyLogger.bgo |
| Fortinet | 3.117.0.0 | 2008.12.21 | - |
| GData | 19 | 2008.12.21 | Trojan.Generic.1246574 |
| Ikarus | T3.1.1.45.0 | 2008.12.21 | Trojan-Spy.Win32.KeyLogger |
| K7AntiVirus | 7.10.560 | 2008.12.20 | Trojan-Spy.Win32.KeyLogger.bgo |
| Kaspersky | 7.0.0.125 | 2008.12.21 | Trojan-Spy.Win32.KeyLogger.bgo |
| McAfee | 5470 | 2008.12.20 | Generic PWS.y |
| McAfee+Artemis | 5470 | 2008.12.20 | Generic PWS.y |
| Microsoft | 1.4205 | 2008.12.21 | - |
| NOD32 | 3709 | 2008.12.20 | probably a variant of Win32/Spy.KeyLogger |
| Norman | 5.80.02 | 2008.12.19 | - |
| Panda | 9.0.0.4 | 2008.12.20 | - |
| PCTools | 4.4.2.0 | 2008.12.20 | - |
| Prevx1 | V2 | 2008.12.21 | - |
| Rising | 21.08.62.00 | 2008.12.21 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.12.19 | - |
| Sophos | 4.37.0 | 2008.12.21 | - |
| Sunbelt | 3.2.1801.2 | 2008.12.11 | - |
| Symantec | 10 | 2008.12.21 | - |
| TheHacker | 6.3.1.4.195 | 2008.12.20 | - |
| TrendMicro | 8.700.0.1004 | 2008.12.19 | - |
| VBA32 | 3.12.8.10 | 2008.12.20 | - |
| ViRobot | 2008.12.20.1528 | 2008.12.21 | - |
| VirusBuster | 4.5.11.0 | 2008.12.20 | - |
| Additional information |
|---|
| File size: 229376 bytes |
| MD5...: bdeefe5047b8eea3f616836f739ba22c |
| SHA1..: 10e1a4efbe05fbaea12ebe5134cbe30efc64b058 |
| SHA256: 467d7d68527f32a241a6296a36510f86d996c43a38e2297b5c25d1368938c790 |
| SHA512: 77b52a95c49146adc6d949da6334df6d35d0a3b6cbbeedb735830b5e077e3bf2 58ac8a23ef1b84db8d00b25e1c8fb9a996f19d6f155d6a8d2fff6921d7258c69 |
| ssdeep: 3072:zmmqissY67tC//+/AuHMHlxYpIStCK04+UrMiMC4jd1wuDqWUdsi/UquTcj MtLtc:s6Uft |
| PEiD..: - |
| TrID..: File type identification Win32 Executable MS Visual C++ (generic) (53.1%) Windows Screen Saver (18.4%) Win32 Executable Generic (12.0%) Win32 Dynamic Link Library (generic) (10.6%) Generic Win/DOS Executable (2.8%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x10005e68 timedatestamp.....: 0x4591ff24 (Wed Dec 27 05:05:40 2006) machinetype.......: 0x14c (I386) ( 6 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0xcb61 0xd000 6.58 7398b0f12f9a8026de1704eadfbfa289 .rdata 0xe000 0x4e53 0x5000 5.05 725544d28958654ac790fbbeaa47b510 .data 0x13000 0x1ad04 0x19000 0.55 f83bc912a3bdc0a205e3c6054136918e shared 0x2e000 0x8df0 0x9000 0.00 c4d2281395861efee2bdb980537ae721 .rsrc 0x37000 0xb0 0x1000 3.06 fc8b6e896978d410b88330740e20d944 .reloc 0x38000 0x1b38 0x2000 4.04 432655aad7531c349f2d8506dad964ce ( 3 imports ) > KERNEL32.dll: CloseHandle, ReadFile, DeviceIoControl, WinExec, CreateProcessA, GetSystemTime, WriteFile, SetFilePointer, CopyFileA, GetLastError, GetLocaleInfoA, CreateFileA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, HeapSize, HeapReAlloc, VirtualAlloc, InitializeCriticalSection, LoadLibraryA, SetEnvironmentVariableA, CompareStringW, GetVersionExA, GlobalLock, GlobalUnlock, OpenFile, GetWindowsDirectoryA, GetSystemDirectoryA, RtlUnwind, GetCurrentThreadId, GetCommandLineA, HeapFree, HeapAlloc, GetProcessHeap, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, WideCharToMultiByte, GetProcAddress, GetModuleHandleA, ExitProcess, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, InterlockedDecrement, Sleep, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetCPInfo, GetACP, GetOEMCP, CompareStringA, MultiByteToWideChar > USER32.dll: GetDoubleClickTime, KillTimer, SetTimer, SetFocus, GetKeyState, SystemParametersInfoA, mouse_event, GetClassNameA, IsClipboardFormatAvailable, GetDesktopWindow, OpenClipboard, GetClipboardData, CloseClipboard, SendMessageA, GetWindow, GetActiveWindow, PostMessageA, keybd_event, GetAsyncKeyState, CallNextHookEx, RegisterWindowMessageA > ADVAPI32.dll: RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegCloseKey, RegOpenKeyExA ( 70 exports ) __0CHook@@QAE@PAX@Z, __1CHook@@QAE@XZ, __4CHook@@QAEAAV0@ABV0@@Z, ___FCHook@@QAEXXZ, _ButtonDispatcher@CHook@@IAEHHJ@Z, _ButtonMapToDefaultFunction@CHook@@IAEHH@Z, _ButtonMapToNormalFunction@CHook@@IAEHH@Z, _CheckAssociatedKey@CHook@@IAEXXZ, _CheckSpecialAP@CHook@@IAEHPAUHWND__@@@Z, _CommandDispatcher@CHook@@IAEHPAUEmulatedCommandType@@JH@Z, _ConnectToFilterDriver@CHook@@IAEHXZ, _DispatchSimulatedButton@CHook@@IAEHJ@Z, _EmulateMouseWheel@CHook@@IAEHPAUtagMOUSEHOOKSTRUCTEX@@@Z, _EmulateVScroll@CHook@@IAEXPAUtagMOUSEHOOKSTRUCTEX@@HH@Z, _ExecApp@CHook@@IAEXK@Z, _ExecMouseCommand@CHook@@IAEHPAUEmulatedCommandType@@J@Z, _ExecOfficeWebCmd@CHook@@IAEHKJ@Z, _ExecPhaseOneCommand@CHook@@IAEHPAUEmulatedCommandType@@@Z, _ExecPhaseTwoCommand@CHook@@IAEHPAUEmulatedCommandType@@@Z, _ExecWheelAppCmd@CHook@@IAEXXZ, _GenMsg_MouseWheel@CHook@@IAEHPAUtagMOUSEHOOKSTRUCTEX@@@Z, _GenMsg_Scrolling@CHook@@IAEHPAUtagMOUSEHOOKSTRUCTEX@@@Z, _GetAppParameters@CHook@@IAEPADPAD0@Z, _GetApplicationPath@CHook@@IAEHPAD0@Z, _GetBroswer@CHook@@IAEPADD@Z, _GetButtonFromFilter@CHook@@IAEHXZ, _GetButtonFromPS2VxD@CHook@@IAEHXZ, _GetButtonFunction@CHook@@IAEHH@Z, _GetKeyFunction@CHook@@IAEHH@Z, _GetMSOfficePath@CHook@@IAEHPAD@Z, _GetOsVersion@CHook@@IAEGXZ, _GetStringFromClipboard@CHook@@IAEPADPAD@Z, _InformPanel@CHook@@QAEHIJ@Z, _IsMyButton@CHook@@IAEHXZ, _IsSimulatedButton@CHook@@IAEHJ@Z, _IsXButton@CHook@@IAEHPAUtagMOUSEHOOKSTRUCTEX@@H@Z, _KeyMapToDefaultFunction@CHook@@IAEHH@Z, _KeyMapToExcelHotkey@CHook@@IAEHH@Z, _KeyMapToOfficeFunction@CHook@@IAEHH@Z, _KeyMapToOutlookHotkey@CHook@@IAEHH@Z, _KeyMapToPowerPointHotKey@CHook@@IAEHH@Z, _KeyMapToSmartHotkey@CHook@@IAEHH@Z, _KeyMapToWordHotkey@CHook@@IAEHH@Z, _KeyMapping@CHook@@IAEHI@Z, _KeyStrokeDispatcher@CHook@@IAEHHJ@Z, _KeyboardProc@CHook@@QAGJHIJ@Z, _LinkNextHook@CHook@@QAEXPAUHHOOK__@@00@Z, _MouseProc@CHook@@QAGJHIJ@Z, _ParserParameters@CHook@@IAEXPADD@Z, _PutStringToClipboard@CHook@@IAEXXZ, _RegisterAppContent@CHook@@IAEHXZ, _RegisterMessage@CHook@@IAEXPAD0000@Z, _SaveKeyboardProc@CHook@@QAGJHIJ@Z, _ShowDpiBar@CHook@@IAEXH@Z, _ShowOrExecWheel@CHook@@IAEXIJ@Z, _ShowStatusBar@CHook@@IAEXXZ, _SpecialCommand@CHook@@IAEHPAUEmulatedCommandType@@J@Z, _UnLinkHook@CHook@@QAEXXZ, _m_HookCnt@CHook@@2IA, ExecMacro, LinkNextHook, MacrosLoad, MacrosParameterInitialize, ReSetRecordState, StartToRecord, StopToRecord, UnLinkHook, _KeyboardProc@12, _MouseProc@12, _SaveKeyboardProc@12 |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
