home

Csware.sys

Symen Ltd Watchdog

Symen Technologies

It runs as a Windows kernel mode device driver named “Csware service”.
Publisher:
Symen Ltd  (signed by Symen Technologies)

Product:
Symen Ltd Watchdog

Description:
Watchdog Driver

Version:
2.2.0.2

MD5:
1a675ad819768d3d32d09234110fc89b

SHA-1:
ed57ffb4c34b5ac80bae1edfe528b474c4aebfc4

SHA-256:
7863c63313761b821ef65c0bd39bf1adf39e1307d90153a91cbef32db3e8b4ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/1/2025 5:29:49 PM UTC  (today)

File size:
27.3 KB (27,928 bytes)

Product version:
2.2.0.2

Copyright:
© Symen Ltd. All rights reserved.

Original file name:
Csware.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\csware.sys

Digital Signature
Signed by:
Symen Technologies

Authority:
VeriSign, Inc.

Valid from:
3/1/2012 2:00:00 AM

Valid to:
3/2/2013 1:59:59 AM

Subject:
CN=Symen Technologies, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symen Technologies, L=Petah Tikva, S=Kiryat Matalon, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
17D32DD30F4D5734DCE2EEAAABDBF76D

File PE Metadata
Compilation timestamp:
7/17/2012 3:49:32 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:dAZ/DBiyc0F1+zWUggJeSuzYE2cL/JspGcey+bO2qyJ09HUpDD6dR3mirILXKQUt:OjFsHJeccWpGE+bVqVID2d4IIL6

Entry address:
0x70A6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 50, FF, FF, FF, CC, CC, E0, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E4, 75, 00, 00, 00, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, BC, 71, 00, 00, D6, 71, 00, 00, E8, 71, 00, 00, 00, 72, 00, 00, 10, 72, 00, 00, 28, 72, 00, 00, 3A, 72, 00, 00, 44, 72, 00, 00, 4E, 72, 00, 00, 66, 72, 00, 00, 74, 72, 00, 00, 88, 72, 00, 00, A0, 72, 00, 00, AA, 72, 00, 00, BE, 72, 00, 00, DE, 72, 00, 00, F2, 72, 00, 00, 0A, 73...
 
[+]

Entropy:
6.7671

Code size:
15.5 KB (15,872 bytes)

Driver
Display name:
Csware service

Service name:
Csware

Type:
Kernel device driver (KernelDriver)


Scan Csware.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.