home

HIDKMDF.SYS

Windows Codename Longhorn DDK driver

Open Source Developer

It runs as a Windows kernel mode device driver named “Filter Driver Service for HID-KMDF Interface layer”.
Publisher:
Windows (R) Codename Longhorn DDK provider  (signed by Open Source Developer)

Product:
Windows (R) Codename Longhorn DDK driver

Description:
Filter Driver for HID-KMDF Interface

Version:
6.0.6000.16386 (fre_wxp_x86) built by: WinDDK

MD5:
2ec85997070bea7c49db84e3a0ae9bdc

SHA-1:
bf934f117f521ff8b137c7164c94567a4a30d8fe

SHA-256:
26ad6c88d391fd52a656c36769638e04c12854cdd4941e75dd8addc802db288d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 3:38:44 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

File size:
9.4 KB (9,664 bytes)

Product version:
6.0.6000.16386 (fre_wxp_x86)

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
HIDKMDF.SYS

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\hidkmdf.sys

Digital Signature
Signed by:
Open Source Developer

Authority:
Unizeto Technologies S.A.

Valid from:
9/28/2011 11:22:52 AM

Valid to:
9/27/2012 11:22:52 AM

Subject:
C=IL, O=Open Source Developer, CN=Open Source Developer, E=shaul.eiz@gmail.com

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
74E42CECC4CD247FDA54F25BD22DFA8F

File PE Metadata
Compilation timestamp:
2/15/2012 8:33:15 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
96:j912MKaz0KgL6t3aXDQAfPkfVuB18WM4G0MszorTgLI6Y4pxsIqvxo8rD/0:jvKaz0KNaTQAUy1hMszdIA5go8PM

Entry address:
0x5A5

Entry point:
8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 85, DB, 75, 0E, FF, 75, 0C, 53, E8, CA, 0B, 00, 00, E9, BE, 00, 00, 00, 66, 83, 25, 40, 0E, 01, 00, 00, 56, FF, 75, 0C, BE, 40, 0E, 01, 00, 56, 89, 1D, 54, 0E, 01, 00, 66, C7, 05, 42, 0E, 01, 00, 08, 02, C7, 05, 44, 0E, 01, 00, 58, 0E, 01, 00, FF, 15, 1C, 07, 01, 00, 68, 50, 0E, 01, 00, 68, 08, 08, 01, 00, 56, 53, E8, DC, 00, 00, 00, 85, C0, 7C, 77, 57, 8B, 3D, 60, 10, 01, 00, EB, 0E, 56, 53, FF, 57, 08, 85, C0, 89, 45, 08, 7C, 1B, 8B, 3F, 85, FF, 75, EE, E8, 62, 00, 00...
 
[+]

Code size:
1.4 KB (1,408 bytes)

Driver
Display name:
Filter Driver Service for HID-KMDF Interface layer

Service name:
hidkmdf

Type:
Kernel device driver (KernelDriver)

Group:
PNP Filter


Scan HIDKMDF.SYS - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.