www.virustotal.com results
File taskmgr.exe received on 2009.07.18 15:36:32 (UTC)
Antivirus Version Last Update Result
AhnLab-V3 5.0.0.2 2009.07.18 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.18 -
Avast 4.8.1335.0 2009.07.17 -
AVG 8.5.0.387 2009.07.18 -
BitDefender 7.2 2009.07.18 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.18 -
Comodo 1692 2009.07.18 -
DrWeb 5.0.0.12182 2009.07.18 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6623 2009.07.18 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.18 -
Fortinet 3.120.0.0 2009.07.18 -
GData 19 2009.07.18 -
Ikarus T3.1.1.64.0 2009.07.18 -
Jiangmin 11.0.800 2009.07.18 -
K7AntiVirus 7.10.796 2009.07.18 -
Kaspersky 7.0.0.125 2009.07.18 -
McAfee 5679 2009.07.17 -
McAfee+Artemis 5679 2009.07.17 -
McAfee-GW-Edition 6.8.5 2009.07.18 -
Microsoft 1.4803 2009.07.18 -
NOD32 4256 2009.07.18 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.18 -
Panda 10.0.0.14 2009.07.17 -
PCTools 4.4.2.0 2009.07.18 -
Prevx 3.0 2009.07.18 -
Rising 21.38.52.00 2009.07.18 -
Sophos 4.43.0 2009.07.18 -
Sunbelt 3.2.1858.2 2009.07.18 -
Symantec 1.4.4.12 2009.07.18 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.18 -
VBA32 3.12.10.8 2009.07.17 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -
Additional information
File size: 163840 bytes
MD5: ef8ae178fae3c5f97e383753eb1df3ba
SHA1: 3905028a10cf6227d4ef827b64df59283bc31a83
SHA256: db9f21389fd7454a16d68a555d8c573a2e9bb4551f4f1c43cb3791a15348bbd2
ssdeep: 3072:rKgL/cXwFt+miwpeK272MWtwVHu3/JeZj:mgL/6wFt+n7Q+pZ
PEiD: -
TrID: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress: 0xa31d
timedatestamp: 0x47918e94 (Sat Jan 19 05:45:56 2008)
machinetype: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x18b98 0x18c00 6.45 5112828ef8afbb496c098df629049143
.data 0x1a000 0x1c44 0x1a00 0.90 6a1e6ebb59baeac6e98584f8b53e0805
.rsrc 0x1c000 0xbbe8 0xbc00 4.93 f33628dbad91e613ba1596481f04ff72
.reloc 0x28000 0x1894 0x1a00 6.65 be99cca93b2730b82eb7ea73c1d28348
( 14 imports )
> ADVAPI32.dll: RegCloseKey, RegSetValueExW, RegCreateKeyExW, RegQueryValueExW, RegOpenKeyExW, SetTokenInformation, OpenProcessToken, LookupAccountSidW, CreateWellKnownSid, IsValidSid, GetTokenInformation, EnumServicesStatusExW, CloseServiceHandle, QueryServiceConfigW, OpenServiceW, StartServiceW, OpenSCManagerW, ControlService, LookupPrivilegeValueW, AdjustTokenPrivileges, OpenThreadToken
> KERNEL32.dll: LoadLibraryA, InterlockedCompareExchange, FreeLibrary, GetProcAddress, Sleep, GetComputerNameW, SetEvent, lstrcmpW, QueueUserWorkItem, GetThreadTimes, lstrlenA, MultiByteToWideChar, GetTempPathW, IsWow64Process, CreateFileW, HeapAlloc, GetProcessHeap, DuplicateHandle, HeapFree, GetCurrentDirectoryW, GetVersionExW, lstrcmpiW, GetLastError, GetProcessAffinityMask, SetProcessAffinityMask, GetTimeFormatW, GetModuleFileNameW, QueryFullProcessImageNameW, GetExitCodeThread, OpenProcess, GetPriorityClass, ReadProcessMemory, GetTickCount, lstrlenW, CompareStringW, GetNumberFormatW, GetLocaleInfoW, HeapSize, HeapReAlloc, LocalFree, LocalAlloc, FormatMessageW, HeapSetInformation, SetPriorityClass, CreateMutexW, GetCurrentProcessId, ProcessIdToSessionId, DeviceIoControl, SetLastError, GetCurrentThread, FindResourceExW, LoadResource, LockResource, UnhandledExceptionFilter, GetSystemTimeAsFileTime, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoW, InterlockedExchange, DelayLoadFailureHook, TerminateProcess, GetCurrentProcess, GetCurrentThreadId, CloseHandle, CreateProcessW, ExpandEnvironmentStringsW, WaitForSingleObject, SetProcessShutdownParameters, CreateThread, CreateEventW, ReleaseMutex
> GDI32.dll: CreateDIBSection, CreatePen, GetStockObject, CreateRectRgn, CreateSolidBrush, GetTextExtentPoint32W, CreateFontIndirectW, GetCharWidth32W, CreateCompatibleBitmap, Rectangle, SetBkMode, SetTextColor, CreateCompatibleDC, DeleteDC, GetCurrentObject, GetObjectW, BitBlt, SelectObject, MoveToEx, LineTo, GetDeviceCaps, DeleteObject
> USER32.dll: SetMenuDefaultItem, EnumWindowStationsW, ShowWindowAsync, SetThreadDesktop, EndTask, GetGuiResources, PostMessageW, CharLowerBuffW, IsDlgButtonChecked, GetWindowTextW, CheckDlgButton, EnableWindow, TrackPopupMenuEx, SetDlgItemTextW, SetScrollInfo, DialogBoxParamW, EndDialog, GetScrollInfo, SetScrollPos, GhostWindowFromHungWindow, HungWindowFromGhostWindow, ReleaseDC, SystemParametersInfoW, GetWindowLongW, SetWindowLongW, CallWindowProcW, DefWindowProcW, LoadCursorW, SetCursor, GetDC, GetWindowTextLengthW, PeekMessageW, GetCursorPos, OpenWindowStationW, GetProcessWindowStation, GetDlgCtrlID, InvalidateRect, UpdateWindow, CreateWindowExW, DrawTextW, FillRect, ChangeWindowMessageFilter, SetProcessDPIAware, SetProcessWindowStation, FindWindowW, GetWindowThreadProcessId, AllowSetForegroundWindow, SendMessageTimeoutW, MessageBoxW, CreateDialogParamW, GetMessageW, TranslateAcceleratorW, IsDialogMessageW, TranslateMessage, DispatchMessageW, IsZoomed, PostQuitMessage, MoveWindow, MessageBeep, DestroyWindow, GetClassLongW, RegisterClassW, CloseWindowStation, EnumDesktopsW, KillTimer, GetMenuItemInfoW, GetDialogBaseUnits, GetDesktopWindow, CascadeWindows, GetLastActivePopup, GetThreadDesktop, GetSystemMetrics, GetSysColor, LoadIconW, SetTimer, EnableMenuItem, GetForegroundWindow, PostThreadMessageW, MonitorFromRect, LoadMenuW, GetSubMenu, RemoveMenu, DestroyMenu, GetKeyState, GetFocus, GetClassNameW, GetNextDlgTabItem, SetFocus, GetParent, MonitorFromPoint, GetMonitorInfoW, LoadAcceleratorsW, OpenIcon, SetForegroundWindow, LoadImageW, DestroyIcon, GetShellWindow, ShowWindow, BeginDeferWindowPos, GetWindowRect, DeferWindowPos, EndDeferWindowPos, IsIconic, BeginPaint, EndPaint, DrawEdge, GetClientRect, SetWindowPos, SetMenu, GetDlgItem, MapWindowPoints, SendMessageW, SetMenuItemInfoW, SetMenuInfo, MsgWaitForMultipleObjects, IsWindow, GetMenu, CheckMenuRadioItem, CheckMenuItem, DeleteMenu, LoadStringW, SetWindowTextW, GetClassInfoW, SwitchToThisWindow, TileWindows, 
OpenDesktopW, CloseDesktop, EnumWindows, GetWindow, IsWindowVisible, InternalGetWindowText, RegisterWindowMessageW, IsHungAppWindow, SetRect
> msvcrt.dll: _controlfp, _except_handler4_common, _terminate@@YAXXZ, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _wcmdln, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, free, wcsrchr, _wcsdup, _wcsicmp, strrchr, _i64tow_s, memcpy, _ui64tow_s, wcsstr, memmove, _ftol2, _vsnwprintf, memset
> IPHLPAPI.DLL: GetAdaptersAddresses, GetIfEntry2, NhGetInterfaceNameFromDeviceGuid
> COMCTL32.dll: ImageList_SetIconSize, ImageList_Create, ImageList_Remove, -, -, ImageList_ReplaceIcon, -, -, -, -, -, -, -, CreateStatusWindowW, HIMAGELIST_QueryInterface, ImageList_Destroy, -
> SHLWAPI.dll: -, -, PathAppendW, PathRemoveExtensionW, PathAddExtensionW, StrStrW, StrCmpIW, -, StrDupW, -, StrFormatByteSizeW, -, -
> SHELL32.dll: Shell_NotifyIconW, -, CommandLineToArgvW, -, SHParseDisplayName, SHOpenFolderAndSelectItems, -, ShellExecuteExW, ShellAboutW, -, -
> ntdll.dll: NtSetInformationFile, NtOpenProcessToken, NtQueryInformationToken, RtlInitializeCriticalSection, RtlEnterCriticalSection, RtlLeaveCriticalSection, RtlDeleteCriticalSection, NtOpenThread, NtClose, RtlTimeToElapsedTimeFields, NtOpenThreadToken, NtQueryInformationProcess, RtlInitUnicodeString, RtlNtStatusToDosError, NtQuerySystemInformation, WinSqmAddToStream, NtOpenFile
> Secur32.dll: GetUserNameExW
> UxTheme.dll: SetWindowTheme
> wevtapi.dll: EvtSubscribe, EvtClose
> VDMDBG.dll: VDMTerminateTaskWOW, VDMEnumTaskWOWEx
( 0 exports )
PDFiD: -
RDS: NSRL Reference Data Set
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=ef8ae178fae3c5f97e383753eb1df3ba