home

fltw.exe

WtFilterServ

Zimin Sergei Aleksandrovich IP

It runs as a separate (within the context of its own process) windows Service named “WtFilterServ”.
Publisher:
Zimin Sergei Aleksandrovich IP  (signed and verified)

Product:
WtFilterServ

Version:
3.1.0.0

MD5:
b2fe6e9acf32d003e76d0cbf0abedc42

SHA-1:
cb624f21b7026c49ef30ce7c98ff71ef4e99192e

SHA-256:
286dea84e32f23589e7d9c1dd6a33ead3e044bbff3673f6e449a9c7384791137

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:12:13 AM UTC  (today)

File size:
1.4 MB (1,467,240 bytes)

Product version:
3.1.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\fltw.exe

Digital Signature
Signed by:
Zimin Sergei Aleksandrovich IP

Authority:
VeriSign, Inc.

Valid from:
4/30/2013 4:00:00 AM

Valid to:
5/1/2015 3:59:59 AM

Subject:
CN=Zimin Sergei Aleksandrovich IP, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zimin Sergei Aleksandrovich IP, L=Murom, S=Vladimir rgn., C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5B1C391BC214F05D57C5D22896BCB345

File PE Metadata
Compilation timestamp:
9/24/2013 10:03:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x50B84

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, D4, 9D, 45, 00, 48, 65, 46, 60, 8C, DF, 74, 46, 74, BC, 88, 92, 9A, C3, AD, 6B, 5B, 42, 20, 0D, 3D, 85, 90, D1, 51, A1, 50, 5D, 6E, C3, 76, 5A, 90, B0, 6B, 1E, 63, 02, E8, ED, E0, 3F, F4, A9, 79, 3A, E0, 41, CC, 1A, E4, 4D, D3, BA, 57, 5D, 46, DE, 7D, 00, 39, 84, D3, E3, 84, AC, A1, 29, 0A, 21, FC, A0, 08, 06, 7C, AD, A7, 0B, 61, E4, 5A, E5, 7E, 1D, BB, 39, 8E, 9E, C0, DD, BE, BB, 3E, FA, 60, E0, C2, 6C, 11, 51...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.1 MB (1,129,472 bytes)

Service
Display name:
WtFilterServ

Service name:
wtflserv

Type:
Win32OwnProcess


Scan fltw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.