home

HIDKMDF.SYS

Windows Codename Longhorn DDK driver

Open Source Developer

It runs as a Windows 64-bit kernel mode device driver named “Microsoft HID Class Shim for KMDF”.
Publisher:
Windows (R) Codename Longhorn DDK provider  (signed by Open Source Developer)

Product:
Windows (R) Codename Longhorn DDK driver

Description:
Filter Driver for HID-KMDF Interface

Version:
6.0.6000.16386 (fre_wlh_amd64) built by: WinDDK

MD5:
08df746ea56c8652f3965d43ffff2c1d

SHA-1:
ca555b0eb935e955bf374cdf468b8b3fc10c1220

SHA-256:
e479825a3da3a833c1f381d04a98f0a23c514e603a4f471c62d40f2e14e6eaed

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 8:55:45 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W64.HfsAdware
1.3.0.7383

File size:
12.5 KB (12,752 bytes)

Product version:
6.0.6000.16386 (fre_wlh_amd64)

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
HIDKMDF.SYS

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\hidkmdf.sys

Digital Signature
Signed by:
Open Source Developer

Authority:
Unizeto Technologies S.A.

Valid from:
9/28/2011 11:22:52 AM

Valid to:
9/27/2012 11:22:52 AM

Subject:
C=IL, O=Open Source Developer, CN=Open Source Developer, E=shaul.eiz@gmail.com

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
74E42CECC4CD247FDA54F25BD22DFA8F

File PE Metadata
Compilation timestamp:
3/19/2011 3:59:34 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:DRkTfZ0ZfFi0KxQYAXoY4SiQA3JYoeq1hMszdIA5go8Zze:DGTf6Zfk0KuYAE9QSVoyqE

Entry address:
0x11AC

Entry point:
48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 48, 85, C9, 48, 8B, EA, 48, 8B, F9, 75, 0A, E8, F0, 4E, 00, 00, E9, F1, 00, 00, 00, 66, 83, 25, 93, 2B, 00, 00, 00, 48, 89, 0D, B4, 2B, 00, 00, 48, 8D, 05, B5, 2B, 00, 00, 48, 8D, 0D, 7E, 2B, 00, 00, 48, 89, 05, 7F, 2B, 00, 00, 66, C7, 05, 70, 2B, 00, 00, 08, 02, FF, 15, 28, 0E, 00, 00, 4C, 8D, 0D, 81, 2B, 00, 00, 4C, 8D, 05, FA, 1E, 00, 00, 48, 8D, 15, 53, 2B, 00, 00, 48, 8B, CF, E8, 43, 01, 00, 00, 85, C0, 0F, 88, 99, 00, 00...
 
[+]

Code size:
4 KB (4,096 bytes)

Driver
Display name:
Microsoft HID Class Shim for KMDF

Service name:
hidkmdf

Type:
Kernel device driver (KernelDriver)

Group:
PNP Filter


Scan HIDKMDF.SYS - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.