home

inspect.sys

COMODO Firewall Pro Firewall Driver

Comodo CP, Inc

It runs as a Windows kernel mode device driver named “COMODO Firewall Pro Firewall Driver”.
Publisher:
COMODO  (signed by Comodo CP, Inc)

Product:
COMODO Firewall Pro Firewall Driver

Version:
3.0.11.239

MD5:
c58ab95f7bd87dc9b0583870bebd6216

SHA-1:
49d3be7272aef4729cc0eb0afd135b57c3936f89

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:55:55 PM UTC  (today)

File size:
73.6 KB (75,384 bytes)

Product version:
3.0.11.239

Copyright:
Copyright © 2007 COMODO

Original file name:
cmdguard.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\inspect.sys

Digital Signature
Signed by:
Comodo CP, Inc

Authority:
VeriSign, Inc.

Valid from:
4/5/2007 2:00:00 AM

Valid to:
4/5/2008 1:59:59 AM

Subject:
CN="Comodo CP, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Comodo CP, Inc", S=NewJersey, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E93B43C900815BF50B6C68DBA2D9FDB

File PE Metadata
Compilation timestamp:
12/9/2007 11:26:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
1536:akyLVg+vJMs+sLo645EqDYFGFyk/4dTFuoNpLL0Zd/nVWNetS:YLVn79qeHkgpd9Y/nQ

Entry address:
0xEC30

Entry point:
6A, 00, 6A, 00, 68, 00, E7, 01, 00, 68, 04, E7, 01, 00, E8, D7, E9, FF, FF, 83, 3D, 04, E7, 01, 00, 05, 74, 08, B8, 59, 00, 00, C0, C2, 08, 00, 6A, 2B, B8, 38, E7, 01, 00, 6A, 00, 68, 20, E7, 01, 00, A3, 3C, E7, 01, 00, A3, 38, E7, 01, 00, E8, CF, E2, FF, FF, B8, 10, E7, 01, 00, 68, 08, E7, 01, 00, A3, 14, E7, 01, 00, A3, 10, E7, 01, 00, FF, 15, 6C, D9, 01, 00, E8, 30, 2D, FF, FF, 85, C0, 75, BD, E8, 77, 74, FF, FF, 85, C0, 75, B4, E8, 7E, 53, FF, FF, E8, D9, 75, FF, FF, 85, C0, 75, A6, E8, F0, D3, FF, FF...
 
[+]

Entropy:
6.4324

Code size:
56.6 KB (57,984 bytes)

Driver
Display name:
COMODO Firewall Pro Firewall Driver

Service name:
Inspect

Type:
Kernel device driver (KernelDriver)

Group:
Streams Drivers


Scan inspect.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.