home

MftWipeFilter.sys

Jetico BCWipe

Jetico Inc. Oy

It runs as a Windows file system device driver named “Jetico file system filter”.
Publisher:
Windows (R) Win 7 DDK provider  (signed by Jetico Inc. Oy)

Product:
Jetico® BCWipe®

Description:
MFT Wiping Process Filtering Driver

Version:
1.0.0.4 built by: WinDDK

MD5:
e76cceb1514795eabab199169eaba551

SHA-1:
924e5edcdb913b3f3a2079cf1567a0834daaba87

SHA-256:
401add334e0dcb58fd9f705cc8c7ff3a69ff3032c465c458ba1df8a695ea6f7b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 8:25:49 AM UTC  (today)

File size:
25.9 KB (26,560 bytes)

Product version:
1.0.0.4

Copyright:
© Jetico Inc. All rights reserved.

Original file name:
MftWipeFilter.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\mftwipefilter.sys

Digital Signature
Signed by:
Jetico Inc. Oy

Authority:
VeriSign, Inc.

Valid from:
9/7/2012 3:00:00 AM

Valid to:
9/9/2015 2:59:59 AM

Subject:
CN=Jetico Inc. Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jetico Inc. Oy, L=Espoo, S=Uusimaa, C=FI

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
31C10146F5E05334B854758765316025

File PE Metadata
Compilation timestamp:
4/1/2014 11:47:14 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:ueBTFHxbjCHKS2/Fohxw7SIboF28YqGFJcenYPLolIzUHeMXS:3BTFHxHeSasK28CFJceA5

Entry address:
0x39FA

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 7C, FE, FF, FF, 4D, 66, 74, 57, 69, 70, 65, 21, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72, 79, 3A, 20, 46, 61, 69, 6C, 65, 64, 20, 74, 6F, 20, 63, 72, 65, 61, 74, 65, 20, 73, 79, 6D, 62, 6F, 6C, 69, 63, 20, 6C, 69, 6E, 6B, 20, 66, 6F, 72, 20, 64, 65, 76, 69, 63, 65, 21, 20, 73, 74, 61, 74, 75, 73, 20, 3D, 20, 30, 78, 25, 78, 0A, 00, CC, 4D, 66, 74, 57, 69, 70, 65, 21, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72, 79, 3A, 20, 46, 61, 69, 6C, 65, 64, 20, 74, 6F, 20, 63...
 
[+]

Entropy:
6.4197

Code size:
12.1 KB (12,416 bytes)

Driver
Display name:
Jetico file system filter

Service name:
MftWipeFilter

Type:
File system 'filter' driver (FileSystemDriver)

Group:
FSFilter Security Enhancer

Depends on:
FltMgr


Scan MftWipeFilter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.