home

nettalkd.sys

TK6000

Mainline Net Holdings Limited

It runs as a Windows kernel mode device driver named “NetTalk LightWeight Filter”.
Publisher:
NetTalk Inc.  (signed by Mainline Net Holdings Limited)

Product:
TK6000

Description:
NetTalk helper driver

Version:
3.0.8.1

MD5:
abe3476174bc0f64c7f2b62da478906e

SHA-1:
e81f3d09107f7bb9203010a8ab385c532747328a

SHA-256:
b4a3236ea4be39000c7fb2d1fc84b3d9e9960936d5e9576974cb6da7e0d576c5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 4:06:27 AM UTC  (today)

File size:
42.6 KB (43,616 bytes)

Product version:
3.0.8.1

Copyright:
Copyright NetTalk Inc.© 2009-2012

Trademarks:
WinpkFilter

Original file name:
nettalkd.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\nettalkd.sys

Digital Signature
Signed by:
Mainline Net Holdings Limited

Authority:
VeriSign, Inc.

Valid from:
6/23/2010 8:00:00 PM

Valid to:
6/23/2013 7:59:59 PM

Subject:
CN=Mainline Net Holdings Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mainline Net Holdings Limited, L=Road Town, S=Tortola, C=VG

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4940AF83683B05D2F7B55A0ADD66CF8D

File PE Metadata
Compilation timestamp:
2/18/2012 6:18:14 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:TYN1Kwu+aAsDGK8JPsBv8F/pcgxZLWMmhbCt:TYNbu+Y8C8FBxZaDxCt

Entry address:
0xA47B

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 85, FB, FF, FF, CC, CC, CC, CC, CC, 3C, 3D, 3D, 3D, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72, 79, 2C, 20, 53, 74, 61, 74, 75, 73, 20, 3D, 20, 25, 38, 78, 0A, 00, CC, 4D, 53, 46, 69, 6C, 74, 65, 72, 3A, 20, 52, 65, 67, 69, 73, 74, 65, 72, 20, 64, 65, 76, 69, 63, 65, 20, 66, 6F, 72, 20, 74, 68, 65, 20, 66, 69, 6C, 74, 65, 72, 20, 64, 72, 69, 76, 65, 72, 20, 66, 61, 69, 6C, 65, 64, 2E, 0A, 00, CC, CC, CC, CC, CC, CC, CC, 4D, 53, 46, 69, 6C, 74, 65, 72, 3A, 20, 4E...
 
[+]

Entropy:
6.4582

Code size:
31 KB (31,744 bytes)

Driver
Display name:
NetTalk LightWeight Filter

Service name:
nettalkd

Type:
Kernel device driver (KernelDriver)

Group:
NDIS


Scan nettalkd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.