home

prl_pv32.sys

Parallels Server/Desktop (runtime switch) 4.0

Parallels Software Inc.

It runs as a Windows kernel mode device driver named “prl_pv32”.
Publisher:
Parallels, Inc.  (signed by Parallels Software Inc.)

Product:
Parallels Server/Desktop (runtime switch) 4.0

Description:
Parallels Paravirtualization Helper

Version:
4.0.3522.206020

MD5:
d2e107de6235aefbf04d851d56286680

SHA-1:
3aeb95d344a469c26249c263c0e3511d567953e1

SHA-256:
aa58858f5a82b64bcfb5439e36c5e3ebcda452b552a045b454fd57a047285a69

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:55:08 PM UTC  (today)

File size:
98.9 KB (101,312 bytes)

Product version:
4.0 build 3522206020

Copyright:
Copyright 2008 Parallels, Inc. All rights reserved.

Trademarks:
Parallels is a trademark of Parallels, Inc.

Original file name:
prl_paravirt

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\prl_pv32.sys

Digital Signature
Signed by:
Parallels Software Inc.

Authority:
GlobalSign nv-sa

Valid from:
4/15/2008 5:56:43 PM

Valid to:
4/15/2009 5:56:43 PM

Subject:
E=sales@parallels.com, CN=Parallels Software Inc., O=Parallels Software Inc., C=US

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011952CD94CB

File PE Metadata
Compilation timestamp:
11/9/2008 9:53:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
768:Xl2ACuTa1anTVcbYFsoRCLgytpHZBZ9YoQMvLwSwiL2:XlrTa1ATVcCRCLgytj9fQkmiK

Entry address:
0x14B0

Entry point:
83, EC, 10, 56, 8B, 74, 24, 18, 8B, 46, 18, 57, 8B, 3D, 98, 60, 01, 00, C7, 40, 04, 90, 10, 01, 00, 68, F4, 60, 01, 00, 8D, 4C, 24, 0C, 51, C7, 46, 34, 50, 10, 01, 00, C7, 86, A4, 00, 00, 00, 50, 11, 01, 00, C7, 86, 90, 00, 00, 00, A0, 13, 01, 00, FF, D7, 68, 88, 71, 01, 00, 6A, 00, 6A, 00, 6A, 22, 8D, 54, 24, 18, 52, 6A, 00, 56, FF, 15, 14, 60, 01, 00, 85, C0, 7C, 44, 68, CC, 60, 01, 00, 8D, 44, 24, 14, 50, FF, D7, 8D, 4C, 24, 08, 51, 8D, 54, 24, 14, 52, FF, 15, 34, 60, 01, 00, 8B, F0, 85, F6, 7D, 16, A1...
 
[+]

Code size:
19.5 KB (19,968 bytes)

Driver
Display name:
prl_pv32

Type:
Kernel device driver (KernelDriver)


Scan prl_pv32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.