home

avgboota.sys

AVG Internet Security

Microsoft Corporation

Publisher:
AVG Technologies CZ, s.r.o.  (signed by Microsoft Corporation)

Product:
AVG Internet Security

Description:
AVG Early Launch Anti-Malware Driver

Version:
13.0.0.2734

MD5:
c02315c595bef09a2ac1df3e7263bb04

SHA-1:
8f2a96240a393c944ee038c0244e77147aa3b4e3

SHA-256:
9c42e885d17eefefad65dfef1aaa97a3324c475b12f91ffb0b68f4cac51c1e5e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 5:04:46 PM UTC  (today)

File size:
19.9 KB (20,400 bytes)

Product version:
13.0.0.2734

Copyright:
Copyright © 2012 AVG Technologies CZ, s.r.o.

Original file name:
avgboota.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Program Files\avg\avg2013\drivers\avgboota.sys

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
7/9/2012 5:14:38 PM

Valid to:
10/9/2013 5:14:38 PM

Subject:
CN=Microsoft Windows Early Launch Anti-malware Publisher, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000148E97BFE6C9F875AB000000000014

File PE Metadata
Compilation timestamp:
10/3/2012 7:47:23 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:G64dgmxNQmksxxcIQ5h0rlH+T6aGjV4IODuFmiwW1+TMUVWQ4CWsHqnajPyFYnH5:GRmmxNzxit0rlH1jHf+wUNHlum2wIO

Entry address:
0x7008

Entry point:
40, 53, 48, 83, EC, 30, 48, 8B, 05, 63, C0, FF, FF, 83, 38, 00, 76, 07, 33, C0, E9, FA, 00, 00, 00, 48, 8D, 05, E0, EF, FF, FF, 48, 89, 41, 68, 48, 8B, CA, E8, D4, 9F, FF, FF, 8B, D8, 85, C0, 0F, 88, DB, 00, 00, 00, 8B, 0D, E4, D0, FF, FF, C7, 05, 12, D1, FF, FF, 01, 00, 00, 00, 89, 0D, 18, D1, FF, FF, F6, C1, 01, 0F, 85, B3, 00, 00, 00, E8, C2, A5, FF, FF, 89, 05, 08, D1, FF, FF, 85, C0, 78, 1B, 48, 8B, 0D, D5, D0, FF, FF, 8B, 41, 0C, 89, 05, E8, D0, FF, FF, 8B, 41, 10, 89, 05, E3, D0, FF, FF, EB, 0E, 83...
 
[+]

Entropy:
6.3823

Code size:
7 KB (7,168 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.