home

vbengnt.sys

VirusBuster Engine SYS for Windows NT/2000/XP

VirusBuster Ltd

It runs as a Windows kernel mode device driver named “VBEngNT”.
Publisher:
VirusBuster Kft.  (signed by VirusBuster Ltd)

Product:
VirusBuster Engine SYS for Windows NT/2000/XP

Version:
4.6.14

MD5:
518741b0043391216c19cc82d532aae8

SHA-1:
2f8c13338b00f40d2882af62c94ec1b2e9e5025e

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/7/2024 4:06:29 PM UTC  (today)

Scan engine
Detection
Engine version

Norman
W32/Packed_Upack.R
11.20161025

File size:
1.1 MB (1,183,784 bytes)

Product version:
4.6.14

Copyright:
Copyright (C) VirusBuster Kft. 1999-2009.

Trademarks:
Trademark (tm) 1988-2009 VirusBuster Kft.

Original file name:
vbengnt.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\vbengnt.sys

Digital Signature
Signed by:
VirusBuster Ltd

Authority:
VeriSign, Inc.

Valid from:
8/16/2009 8:00:00 PM

Valid to:
9/3/2010 7:59:59 PM

Subject:
CN=VirusBuster Ltd, OU=Software Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=VirusBuster Ltd, L=Budapest, S=Budapest, C=HU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5EE43A226C6F6AEE960ACE8EE1F06409

File PE Metadata
Compilation timestamp:
6/26/2009 12:21:25 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
24576:VT/taQGM/ALsBli+k32gUj1wtPmA0Z4vejxGp:VTVNALsBlJk3br0Ap

Entry address:
0xA6E0

Entry point:
83, EC, 5C, 56, 57, B9, 08, 00, 00, 00, BE, 28, 97, 0F, 00, 8D, 7C, 24, 1C, 8D, 44, 24, 1C, F3, A5, B9, 0A, 00, 00, 00, BE, 00, 97, 0F, 00, 8D, 7C, 24, 3C, 50, F3, A5, 8B, 3D, 8C, 03, 01, 00, 8D, 4C, 24, 10, 51, C7, 44, 24, 10, 00, 00, 00, 00, FF, D7, 8D, 54, 24, 08, 8D, 44, 24, 0C, 8B, 74, 24, 68, 52, 6A, 01, 6A, 00, 68, 00, 83, 00, 00, 50, 6A, 04, 56, FF, 15, 1C, 04, 01, 00, 85, C0, 7C, 31, 8D, 4C, 24, 3C, 8D, 54, 24, 14, 51, 52, FF, D7, 8D, 44, 24, 0C, 8D, 4C, 24, 14, 50, 51, FF, 15, 20, 04, 01, 00, B9...
 
[+]

Entropy:
5.9516

Code size:
934.7 KB (957,120 bytes)

Driver
Display name:
VBEngNT

Type:
Kernel device driver (KernelDriver)


Scan vbengnt.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.