This for winsys2.exe
File WinSys2.exe received on 2009.07.16 03:13:33 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.16 -
AhnLab-V3 5.0.0.2 2009.07.16 -
AntiVir 7.9.0.215 2009.07.16 -
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
Avast 4.8.1335.0 2009.07.16 -
AVG 8.5.0.387 2009.07.15 -
BitDefender 7.2 2009.07.16 -
CAT-QuickHeal 10.00 2009.07.15 -
ClamAV 0.94.1 2009.07.15 -
Comodo 1665 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
eSafe 7.0.17.0 2009.07.15 -
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
F-Secure 8.0.14470.0 2009.07.16 -
Fortinet 3.120.0.0 2009.07.16 -
GData 19 2009.07.16 -
Ikarus T3.1.1.64.0 2009.07.16 -
Jiangmin 11.0.706 2009.07.15 -
K7AntiVirus 7.10.793 2009.07.15 -
Kaspersky 7.0.0.125 2009.07.16 -
McAfee 5677 2009.07.15 -
McAfee+Artemis 5677 2009.07.15 -
McAfee-GW-Edition 6.8.5 2009.07.16 -
Microsoft 1.4803 2009.07.16 -
NOD32 4247 2009.07.15 -
Norman 6.01.09 2009.07.15 -
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.15 -
PCTools 4.4.2.0 2009.07.15 -
Prevx 3.0 2009.07.16 -
Rising 21.38.24.00 2009.07.15 -
Sophos 4.43.0 2009.07.16 -
Sunbelt 3.2.1858.2 2009.07.15 -
Symantec 1.4.4.12 2009.07.16 -
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.15 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.15.1837 2009.07.15 -
VirusBuster 4.6.5.0 2009.07.15 -
Additional information
File size: 208896 bytes
MD5...: 27949ccd505a6be082d15547b1dff90d
SHA1..: 569f27f34d53ec7f3eb0151108f3d4f0b4e54140
SHA256: 7c47e876766ecd62aad68812a40f30bad56a32d994cc16a116b8d3c4ea30ee82
ssdeep: 3072:AQNGGM2V/Oa49QFb+s6+6WKYy2YJfGnFGY2IKmistUtcQrvkpTQ7:APGlk5<br>9QFbj6+6oyjJfrY2IKHbrMm<br>
PEiD..: -
TrID..: File type identification<br>Win64 Executable Generic (54.6%)<br>Win32 Executable MS Visual C++ (generic) (24.0%)<br>Windows Screen Saver (8.3%)<br>Win32 Executable Generic (5.4%)<br>Win32 Dynamic Link Library (generic) (4.8%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10214<br>timedatestamp.....: 0x478ff7fe (Fri Jan 18 00:51:10 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x20996 0x21000 6.65 2bd762b046ea4317483b547ed7ae2d7f<br>.rdata 0x22000 0x7cfe 0x8000 4.90 1f93dbb50db9c21acda7c7c1888d93e8<br>.data 0x2a000 0x8fd4 0x3000 3.31 2bc8669cfae0847f14f5e0b842c89897<br>CONST 0x33000 0x1f 0x1000 0.09 e1c91d3ead8e57dca21253f563c750c1<br>.rsrc 0x34000 0x48a8 0x5000 4.41 46abb0b06f7f2c3453dea7320e86064f<br><br>( 8 imports ) <br>> MADCHOOK.DLL: InjectLibraryA, UninjectLibraryA<br>> KERNEL32.dll: SetErrorMode, HeapAlloc, HeapFree, HeapReAlloc, VirtualAlloc, RtlUnwind, GetCommandLineA, GetProcessHeap, GetStartupInfoA, RaiseException, ExitProcess, HeapSize, VirtualFree, HeapDestroy, HeapCreate, GetStdHandle, TerminateProcess, SetUnhandledExceptionFilter, IsDebuggerPresent, Sleep, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, GetACP, GetConsoleCP, GetConsoleMode, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, GetOEMCP, GetCPInfo, CreateFileA, GetCurrentProcess, GetThreadLocale, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, GlobalFlags, WritePrivateProfileStringA, InterlockedIncrement, TlsFree, DeleteCriticalSection, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc, EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, GlobalGetAtomNameA, GlobalFindAtomA, lstrcmpW, FreeResource, GetCurrentProcessId, GlobalAddAtomA, CloseHandle, GetCurrentThread, GetCurrentThreadId, ConvertDefaultLocale, GetModuleFileNameA, EnumResourceLanguagesA, GetLocaleInfoA, lstrcmpA, GlobalDeleteAtom, FreeLibrary, InterlockedDecrement, GetModuleFileNameW, GetModuleHandleA, GlobalFree, GlobalAlloc, GlobalLock, GlobalUnlock, FormatMessageA, LocalFree, FindResourceA, LoadResource, LockResource, SizeofResource, MulDiv, SetLastError, GetProcAddress, LoadLibraryA, lstrlenA, CompareStringA, GetVersionExA, GetVersion, GetLastError, WideCharToMultiByte, MultiByteToWideChar, InterlockedExchange, UnhandledExceptionFilter<br>> USER32.dll: UnregisterClassA, LoadCursorA, GetSysColorBrush, EndPaint, BeginPaint, ReleaseDC, GetDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, ShowWindow, SetWindowTextA, IsDialogMessageA, RegisterWindowMessageA, SendDlgItemMessageA, WinHelpA, GetCapture, GetClassLongA, GetClassNameA, SetPropA, GetPropA, RemovePropA, SetFocus, GetWindowTextA, GetForegroundWindow, GetTopWindow, GetMessagePos, MapWindowPoints, SetForegroundWindow, UpdateWindow, GetMenu, CreateWindowExA, GetClassInfoExA, GetClassInfoA, RegisterClassA, GetSysColor, AdjustWindowRectEx, CopyRect, PtInRect, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, SetWindowLongA, SetWindowPos, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, GetWindow, GetDesktopWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, IsWindow, GetDlgItem, GetNextDlgTabItem, EndDialog, DrawIcon, SendMessageA, GetWindowThreadProcessId, GetWindowLongA, GetLastActivePopup, IsWindowEnabled, MessageBoxA, SetCursor, SetWindowsHookExA, CallNextHookEx, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, DestroyMenu, GetMessageTime, IsIconic, GetClientRect, SetTimer, KillTimer, LoadIconA, EnableWindow, GetSystemMetrics, GetSubMenu, GetMenuItemCount, GetMenuItemID, GetMenuState, UnhookWindowsHookEx, PostQuitMessage, PostMessageA, IsWindowVisible, GetKeyState, PeekMessageA, GetCursorPos, ValidateRect, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapA, GetFocus, GetParent, ModifyMenuA, EnableMenuItem, CheckMenuItem<br>> GDI32.dll: SetWindowExtEx, ScaleWindowExtEx, DeleteDC, GetStockObject, PtVisible, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutA, TextOutA, GetDeviceCaps, DeleteObject, SetMapMode, RestoreDC, SaveDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, CreateBitmap, RectVisible<br>> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA<br>> ADVAPI32.dll: RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegOpenKeyA, RegOpenKeyExA, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegCloseKey<br>> SHLWAPI.dll: PathFindFileNameA, PathFindExtensionA<br>> OLEAUT32.dll: -, -, -<br><br>( 0 exports ) <br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-
ThreatExpert info: <a href='
http://www.threatexpert.com/report.aspx?md5=27949ccd505a6be082d15547b1dff90d' target='_blank'>
http://www.threatexpert.com/report.aspx?md5=27949ccd505a6be082d15547b1dff90d</a>