maybe malware is gone or rendered ineffective
Virustotal scan of dxgth.sys
SHA256:c36486504c3a596fdca487143f6d3b43c0bee01321f6f1f3071976556533c419
SHA1:6f9f663cdfbc2592eab4c43fee359effd37d60f2
MD5:a73f5d6705b1d820c19b18782e176efd
File size:3.3 KB ( 3328 bytes )
File name:dxgthk.sys
File type:Win32 EXE
Tags:peexe nsrl mz
Detection ratio:0 / 45
Analysis date:2013-02-09 00:04:17 UTC ( 1 minute ago )
Antivirus Result Update
Agnitum-20130208
AhnLab-V3-20130208
AntiVir-20130208
Antiy-AVL-20130208
Avast-20130209
AVG-20130208
BitDefender-20130209
ByteHero-20130207
CAT-QuickHeal-20130208
ClamAV-20130209
Commtouch-20130208
Comodo-20130208
Emsisoft-20130209
eSafe-20130206
ESET-NOD32-20130208
F-Prot-20130201
F-Secure-20130208
Fortinet-20130209
GData-20130209
Ikarus-20130208
Jiangmin-20130207
K7AntiVirus-20130207
Kaspersky-20130208
Kingsoft-20130204
Malwarebytes-20130208
McAfee-20130209
McAfee-GW-Edition-20130208
Microsoft-20130208
MicroWorld-eScan-20130209
NANO-Antivirus-20130208
Norman-20130208
nProtect-20130208
Panda-20130208
PCTools-20130209
Rising-20130205
Sophos-20130208
SUPERAntiSpyware-20130208
Symantec-20130208
TheHacker-20130208
TotalDefense-20130208
TrendMicro-20130209
TrendMicro-HouseCall-20130208
VBA32-20130208
VIPRE-20130209
ViRobot-20130208
Filename: dxgthk.sys. PE32 from Windows XP SP3 #goodware #whitelist
Posted 1 week ago by Bernardo.Quintero
Tagged automatically #goodware
Posted 1 year ago by tigzy
#goodware
Posted 1 year, 3 months ago by angel1973
ssdeep: 48:aJgYcOH0IOPKG5MtrCfYBhg8ZefEvZQdoq+4VDIZWWEWtIhvk5WwG:eN9BGorTHg8acZQdoz4xEW2tav4Ww
TrID: Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ExifTool
SubsystemVersion.........: 5.1
InitializedDataSize......: 2304
ImageVersion.............: 5.1
ProductName..............: Microsoft Windows Operating System
FileVersionNumber........: 5.1.2600.0
UninitializedDataSize....: 0
LanguageCode.............: English (U.S.)
FileFlagsMask............: 0x003f
CharacterSet.............: Unicode
LinkerVersion............: 7.0
FileOS...................: Windows NT 32-bit
MIMEType.................: application/octet-stream
Subsystem................: Native
FileVersion..............: 5.1.2600.0 (xpclient.010817-1148)
TimeStamp................: 2001:08:17 21:53:12+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: dxgthk.sys
ProductVersion...........: 5.1.2600.0
FileDescription..........: DirectX Graphics Driver Thunk
OSVersion................: 5.1
OriginalFilename.........: dxgthk.sys
LegalCopyright...........: Microsoft Corporation. All rights reserved.
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Microsoft Corporation
CodeSize.................: 256
FileSubtype..............: 7
ProductVersionNumber.....: 5.1.2600.0
EntryPoint...............: 0x0359
ObjectFileType...........: Driver
Sigcheck
publisher................: Microsoft Corporation
product..................: Microsoft_ Windows_ Operating System
verified.................:
internal name............: dxgthk.sys
copyright................: (c) Microsoft Corporation. All rights reserved.
original name............: dxgthk.sys
file version.............: 5.1.2600.0 (xpclient.010817-1148)
description..............: DirectX Graphics Driver Thunk
Portable Executable structural information
Compilation timedatestamp.....: 2001-08-17 20:53:12
Target machine................: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address...........: 0x00000359
PE Sections...................:
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 768 112 128 4.79 9221f24425680002b1f81b023f4bd065
.rdata 896 79 128 2.57 7460f55ce7f6ce7c20e2517b415c7e17
.edata 1024 1018 1024 5.13 be658f60eb262953b13881bbb9fd76c0
INIT 2048 76 128 1.98 1c299f3aa961cff8b08dee46fa93b2b7
.rsrc 2176 1008 1024 3.37 28d1f9c6d9f73ae580de8d4290b775cb
.reloc 3200 20 128 0.63 202d6f86f367ff4e147afccf06b92b6e
PE Imports....................:
[[WIN32K.SYS]]
EngDebugPrint
PE Exports....................:
DriverEntry, EngAcquireSemaphore, EngAllocMem, EngAllocUserMem, EngCopyBits, EngCreateBitmap, EngCreatePalette, EngCreateSemaphore, EngDeletePalette, EngDeleteSemaphore, EngDeleteSurface, EngFindImageProcAddress, EngFreeMem, EngFreeUserMem, EngLoadImage, EngLockSurface, EngReleaseSemaphore, EngSetLastError, EngUnloadImage, EngUnlockSurface
PE Resources..................:
Resource type Number of resources
RT_VERSION 1
Resource language Number of resources
ENGLISH US 1
Symantec Reputation: Suspicious.Insight
First seen by VirusTotal: 2008-02-27 07:34:34 UTC ( 4 years, 11 months ago )
Last seen by VirusTotal: 2013-02-09 00:04:17 UTC ( 1 minute ago )
National Software Reference Library (NIST)
This file was found in the NSRL dataset, in the following products:
Windows XP (Microsoft)
MSDN Disc 2466 (Microsoft)
MSDN Disc 1550 (Microsoft)
Platforms SDKs/DDKs (Microsoft)
Windows XP Home Edition (Microsoft)
Windows XP Professional (Microsoft)
Windows XP eMbedded Evaluation Software (Microsoft)
Windows XP Tablet PC Edition (Microsoft)
Platforms (Microsoft)
Applications, Platforms, Servers (Microsoft)
Platforms, SDK/DDK, Developer Tools (Microsoft)
Platforms, SDK/DDK (Microsoft)
Applications, Platforms (Microsoft)
Windows CE .NET Evaluation Software (Microsoft)
Internet Explorer Versions (Microsoft)
Windows 2000 Versions (Microsoft)
Internet Explorer (Microsoft)
Windows 98 Versions (Microsoft)
Windows XP Professional 2002 Service Pack 1 (Microsoft)
Office XP Professional with FrontPage (Microsoft)
The file was found with the following names: dxgthk.sys, DXGTHK.SYS, dxgthk.sys
not getting warning on many pages
virustotal scan of ntdll.dll
Analysis completed.
SHA256:54df909101aaec63234a5c33b51d6689fef58b943942bffa9606864f43ec1085
SHA1:66e2618e7aaf0b59e44aea5431893f3a765bb87b
MD5:f8f0d25ca553e39dde485d8fc7fcce89
File size:701.5 KB ( 718336 bytes )
File name:ntdll.dll
File type:Win32 DLL
Detection ratio:0 / 45
Analysis date:2013-02-09 00:21:40 UTC ( 0 minutes ago )
Antivirus Result Update
Agnitum-20130208
AhnLab-V3-20130208
AntiVir-20130209
Antiy-AVL-20130208
Avast-20130209
AVG-20130208
BitDefender-20130209
ByteHero-20130208
CAT-QuickHeal-20130208
ClamAV-20130209
Commtouch-20130208
Comodo-20130208
Emsisoft-20130209
eSafe-20130206
ESET-NOD32-20130208
F-Prot-20130201
F-Secure-20130208
Fortinet-20130209
GData-20130209
Ikarus-20130208
Jiangmin-20130207
K7AntiVirus-20130207
Kaspersky-20130208
Kingsoft-20130204
Malwarebytes-20130208
McAfee-20130209
McAfee-GW-Edition-20130208
Microsoft-20130208
MicroWorld-eScan-20130209
NANO-Antivirus-20130208
Norman-20130208
nProtect-20130208
Panda-20130208
PCTools-20130209
Rising-20130205
Sophos-20130209
SUPERAntiSpyware-20130208
Symantec-20130208
TheHacker-20130208
TotalDefense-20130208
TrendMicro-20130209
TrendMicro-HouseCall-20130208
VBA32-20130208
VIPRE-20130209
ViRobot-20130208
Filename: ntdll.dll. PE32 from Windows XP SP3 #goodware #whitelist
Posted 6 days, 2 hours ago by Bernardo.Quintero