FAReg.Sys

FAReg for Windows 7/Windows 2008 R2 (64-bits), Ver: 20111028-1

FineArt Technology Co., Ltd

It runs as a Windows 64-bit kernel mode device driver named “FineArt Registry Filter Driver”.
Publisher:
Copyright (C) FineArt Technology Co., Ltd.  (signed by FineArt Technology Co., Ltd)

Product:
Microsoft® Windows® Operating System

Description:
FAReg for Windows 7/Windows 2008 R2 (64-bits), Ver: 20111028-1

Version:
4.3.1.6 built by: WinDDK

MD5:
00d3cf09467ef5ce24039730edea189e

SHA-1:
427e988627f6d54ce2a2f4d44ccb9add9924848d

SHA-256:
f297569fe2e980cd8f17c472bcaaf64617609a46470e45c1b6833cb7c5cd4993

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:59:26 AM UTC

File size:
47.6 KB (48,784 bytes)

Product version:
4.3.1.6

Copyright:
Copyright (C) FineArt Technology Co., Ltd. 2011-

Original file name:
FAReg.Sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\fareg.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/28/2009 8:00:00 AM

Valid to:
11/22/2012 7:59:59 AM

Subject:
CN="FineArt Technology Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="FineArt Technology Co., Ltd", S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1EFEA9D57E9E729F0016FD4DAEB43D2A

File PE Metadata
Compilation timestamp:
11/3/2012 11:21:30 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0xD064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 0E, A6, FF, FF, CC, CC, B0, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 96, D5, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, D2, 00, 00, 00, 00, 00, 00, 3A, D2, 00, 00, 00, 00, 00, 00, 46, D2, 00, 00, 00, 00, 00, 00, 52, D2, 00, 00, 00, 00, 00, 00, 6A, D2, 00, 00, 00, 00, 00, 00, 84, D2, 00, 00, 00, 00, 00, 00, 94, D2, 00, 00...

Entropy:
5.8725

Code size:
35 KB (35,840 bytes)

Driver
Display name:
FineArt Registry Filter Driver

Service name:
FAREG

Type:
Kernel device driver (KernelDriver)
