home

gwmvid.sys

Windows 2000 DDK driver

GW Micro, Inc.

It runs as a Windows kernel mode device driver named “gwmvid”.
Publisher:
Windows (R) 2000 DDK provider  (signed by GW Micro, Inc.)

Product:
Windows (R) 2000 DDK driver

Description:
Window-Eyes Miniport Driver

Version:
5.1.2600.1106 built by: WinDDK

MD5:
613ff1107c6aa6982c9ee162e4b939cd

SHA-1:
a6ba9923c08152b7440777133a8bc1a90f06f39b

SHA-256:
f44eec9a8f17a9ddacefacc6b262380c906288b7e6cdfd3bcc0018336066e9b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:01:55 AM UTC  (today)

File size:
7.6 KB (7,800 bytes)

Product version:
5.1.2600.1106

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
gwmvid.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\gwmvid.sys

Digital Signature
Signed by:
GW Micro, Inc.

Authority:
VeriSign, Inc.

Valid from:
2/28/2007 6:00:00 PM

Valid to:
2/28/2010 5:59:59 PM

Subject:
CN="GW Micro, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="GW Micro, Inc.", L=Fort Wayne, S=Indiana, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
53566291FBA69ABCB6D21C7C5FFE0D57

File PE Metadata
Compilation timestamp:
2/9/2006 10:59:58 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
192:qVKCeyowJL/aMjGwP70M637+ebMzNMvPaE:qQXYJLWF3tb+5E

Entry address:
0x326

Entry point:
55, 8B, EC, 83, EC, 54, 6A, 54, 8D, 45, AC, 50, FF, 15, 00, 04, 01, 00, 33, C0, 50, 89, 45, EC, 89, 45, F0, 89, 45, C4, 89, 45, B0, 8D, 45, AC, 50, FF, 75, 0C, C7, 45, AC, 54, 00, 00, 00, FF, 75, 08, C7, 45, B4, 1A, 03, 01, 00, C7, 45, B8, 06, 03, 01, 00, C7, 45, C0, 20, 03, 01, 00, C7, 45, CC, 00, 03, 01, 00, C7, 45, BC, 06, 03, 01, 00, C7, 45, DC, 0C, 03, 01, 00, C7, 45, D8, 0C, 03, 01, 00, C7, 45, E0, 12, 03, 01, 00, FF, 15, 04, 04, 01, 00, C9, C2, 08, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5200

Developed / compiled with:
Microsoft Visual C++

Code size:
384 Bytes (384 bytes)

Driver
Display name:
gwmvid

Type:
Kernel device driver (KernelDriver)

Group:
Video


Scan gwmvid.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.