home

MAINT.exe

Canon IJ Scan Utility Uninstaller

CANON INC.

The executable MAINT.exe has been detected as malware by 11 anti-virus scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Canon IJ Scan Utility by Canon Inc.. Infected by an entry-point obscuring polymorphic file infector which will create a peer-to-peer botnet and receives URLs of additional files to download.
Publisher:
CANON INC.

Product:
Canon IJ Scan Utility Uninstaller

Version:
2.2.0.10

MD5:
c403be16e1f10b2d9b23f402a2dd6cda

SHA-1:
a10e35fad5b770aa3f29c4ca4e81e7f293c931b9

SHA-256:
2a88e34bf8abc753f0cdb96ca2971a36c469a20d2f2bcba9d652306e24b86561

Scanner detections:
11 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/19/2024 12:56:56 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
160209-2

AVG
Win32/Sality
2015.0.4489

Emsisoft Anti-Malware
Win32.Sality
10.0.0.5366

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

F-Secure
Win32.Sality.3
5.15.21

Kaspersky
Virus.Win32.Sality
15.0.0.562

McAfee
Virus.W32/Sality.gen.z
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.6222.0

Norman
Win32.Sality.3
13.02.2016 01:47:07

Sophos
Virus 'Mal/Sality-D'
5.23

VIPRE Antivirus
Threat.4721115
47186

File size:
1.6 MB (1,704,552 bytes)

Product version:
2.2.0.10

Copyright:
Copyright CANON INC. 2014

Original file name:
MAINT.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\canon\ij scan utility\maint.exe

File PE Metadata
Compilation timestamp:
11/25/2013 10:05:27 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:Q1I+G2E3Gjh3Ydhe/CgStV86i3al3prZSc2msDFjI5cxQLadhC:Q1lE3GpYdhe/CvVbi3al3prZSnFE5cxI

Entry address:
0x10EB03

Entry point:
89, FF, 42, F7, C3, E3, BE, FF, 58, 85, D1, 71, 07, FE, C2, C6, C4, 5C, FE, C2, 68, B8, 29, 01, 00, 57, 85, D0, 72, 08, 86, CF, BE, EB, BE, 73, 57, 42, 0F, B6, D0, 86, ED, E8, 00, 00, 00, 00, 83, E1, 00, 84, DA, 88, E4, 8D, 05, 69, 05, 7D, F0, F6, C0, 20, 81, FB, 61, 87, 00, 00, 77, 09, 85, CD, 69, C3, 54, 6D, 3E, 14, 42, 8B, D9, 88, D7, 34, D7, 0F, AF, C0, 8D, 3D, 8E, 6F, FA, FF, 09, FA, 42, 0F, AF, C1, 81, F7, 10, 0C, 00, 00, F7, C5, BB, 56, 3A, EC, 8D, 37, F3, 02, C2, 14, 9D, 84, F0, 03, CE, 0F, BF, ED...
 
[+]

Entropy:
6.4854

Code size:
1.2 MB (1,261,056 bytes)

Program Uninstaller
Program name:
Canon IJ Scan Utility

Display publisher:
Canon Inc.

Display version:
1.1.11.1

Uninstall string:
"C:\Program Files\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files\Canon\IJ Scan Utility\uninst.ini


Remove MAINT.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.