prot_2k.sys

Pointsec

PointSec Mobile Technologies AB

It runs as a Windows kernel mode device driver named “prot_2k”.
Publisher:
PointSec Mobile Technologies AB  (signed and verified)

Product:
Pointsec

Description:
Pointsec, Post-boot filter driver

Version:
6.1.3 HF2 Build 1154

MD5:
577972c63aa04c82cf7bb7be9347dd1d

SHA-1:
dad8acaf02c587083ae3f5a89527b107a6f59eeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 2:15:18 PM UTC

File size:
232.9 KB (238,496 bytes)

Product version:
Version 6.1.3 HF2

Copyright:
Copyright © 1996-2007, Pointsec Mobile Technologies AB

Original file name:
prot_2k.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\prot_2k.sys

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/29/2005 9:22:44 AM

Valid to:
4/29/2007 9:22:44 AM

Subject:
CN=PointSec Mobile Technologies AB, OU=Product Operations - Product Management, O=PointSec Mobile Technologies AB, L=Stockholm, S=Stockholm, C=SE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
212359

File PE Metadata
Compilation timestamp:
3/7/2007 5:20:19 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
6144:x9KdbC6IkgiolZ1pvyozPJ3DQl6S45Bk3CW0Z:HRiC1pRzlDQl6j56SV

Entry address:
0x35B05

Entry point:
A1, 8C, 16, 04, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, 50, 9A, 03, 00, 8B, 00, 35, 8C, 16, 04, 00, A3, 8C, 16, 04, 00, 75, 06, 89, 0D, 8C, 16, 04, 00, E9, FF, D8, FC, FF, CC, CC, CC, 98, 5B, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 76, 62, 03, 00, 90, 99, 02, 00, 88, 5B, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 84, 62, 03, 00, 80, 99, 02, 00, CC, 5C, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5A, 63, 03, 00, C4, 9A, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.5023

Code size:
167.4 KB (171,392 bytes)

Driver
Display name:
prot_2k

Type:
Kernel device driver (KernelDriver)

