prot_2k.sys

Pointsec

PointSec Mobile Technologies AB

It runs as a Windows kernel mode device driver named “prot_2k”.
Publisher:
PointSec Mobile Technologies AB  (signed and verified)

Product:
Pointsec

Description:
Pointsec, Post-boot filter driver

Version:
6.1.3 Build 1122

MD5:
5a39ffa9512e1fd4f194c3fa20bb8c91

SHA-1:
0229adb9872b54b90526e022f2f39c2bb97904f6

SHA-256:
c7e2e219dd09a74d3abfa251b180b7c266193589819da3751087ceb675ac5c01

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:31:29 AM UTC

File size:
232.9 KB (238,496 bytes)

Product version:
Version 6.1.3

Copyright:
Copyright © 1996-2006, Pointsec Mobile Technologies AB

Original file name:
prot_2k.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\prot_2k.sys

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/29/2005 9:22:44 AM

Valid to:
4/29/2007 9:22:44 AM

Subject:
CN=PointSec Mobile Technologies AB, OU=Product Operations - Product Management, O=PointSec Mobile Technologies AB, L=Stockholm, S=Stockholm, C=SE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
212359

File PE Metadata
Compilation timestamp:
12/4/2006 10:48:29 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
6144:E9KdbC6IkgiolZ1pvyozPJ3DQl6S45Bk3IRJU:uRiC1pRzlDQl6j564g

Entry address:
0x35B05

Entry point:
A1, 8C, 16, 04, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, 50, 9A, 03, 00, 8B, 00, 35, 8C, 16, 04, 00, A3, 8C, 16, 04, 00, 75, 06, 89, 0D, 8C, 16, 04, 00, E9, FF, D8, FC, FF, CC, CC, CC, 98, 5B, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 76, 62, 03, 00, 90, 99, 02, 00, 88, 5B, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 84, 62, 03, 00, 80, 99, 02, 00, CC, 5C, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5A, 63, 03, 00, C4, 9A, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.5022

Code size:
167.4 KB (171,392 bytes)

Driver
Display name:
prot_2k

Type:
Kernel device driver (KernelDriver)

