home

GSW32.EXE

Graphics Server

Bits Per Second Ltd

The executable GSW32.EXE has been detected as malware by 8 anti-virus scanners.
Publisher:
Bits Per Second Ltd  (signed and verified)

Product:
Graphics Server

Version:
5.10.0000

MD5:
d2d4130078e1076a17197363c816c53b

SHA-1:
0b0cf5c4c3f163d8fdf14d6907c48774effb9362

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
4/23/2024 8:02:11 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W95/CIH
7.11.32.208

avast!
Win32:CIH-G@dam
2014.9-151107

Emsisoft Anti-Malware
Virus.Win32.Small!IK
8.15.11.07.08

G Data
Win32:CIH-G@dam
15.11.22

IKARUS anti.virus
Virus.Win32.Small
t3scan.1.1.118.0

Norman
W32/Suspicious_Gen2.HSAKM
11.20151107

Sophos
Mal/Generic-L
4.78

VIPRE Antivirus
Trojan.Win32.Generic
12050

File size:
459.5 KB (470,552 bytes)

Product version:
5.10.0000

Copyright:
Copyright © Bits Per Second Ltd 1991-1997

Trademarks:
Graphics Server is a trademark of Bits Per Second

Original file name:
GSW32.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\gsw32.exe

Digital Signature
Signed by:
Bits Per Second Ltd

Authority:
VeriSign, Inc.

Valid from:
8/4/1997 1:00:00 AM

Valid to:
8/5/1998 12:59:59 AM

Subject:
CN=Bits Per Second Ltd, L=Brighton, S=Sussex, C=GB, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:
OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:
162DFD73145161EEC3BA7E43CCD83AD5

File PE Metadata
Compilation timestamp:
10/22/1997 10:00:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.10

CTPH (ssdeep):
6144:BP/o+/glH2K4u5JdzbfvMeF7/yi6bYfcDh07BlGqVq78y7/HBkJ:d/vglH2YlfJF7/yrbMsAlbq8oKJ

Entry address:
0x47D00

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 08, F9, 45, 00, 68, F0, EE, 44, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, F4, D7, 46, 00, A3, D4, 80, 46, 00, 33, C0, A0, D5, 80, 46, 00, A3, E0, 80, 46, 00, A1, D4, 80, 46, 00, C1, 2D, D4, 80, 46, 00, 10, 25, FF, 00, 00, 00, A3, DC, 80, 46, 00, C1, E0, 08, 03, 05, E0, 80, 46, 00, A3, D8, 80, 46, 00, E8, 6A, 71, 00, 00, E8, E5, 1D, 00, 00, 85, C0, 75, 0A, 6A, 10, E8, 2A, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00...
 
[+]

Entropy:
6.2803

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
371.5 KB (380,416 bytes)

Remove GSW32.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.