home

RegFilter.sys

IObit Malware Fighter

IObit Information Technology

It runs as a Windows kernel mode device driver named “RegFilter”.
Publisher:
IObit.com  (signed by IObit Information Technology)

Product:
IObit Malware Fighter

Description:
Registry Filter

Version:
1.5 built by: WinDDK

MD5:
806d65c2c297f5ac82c4bde2ba8d2148

SHA-1:
bafc573c207d1880057375969ff588f9cf513d85

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 11:23:03 PM UTC  (a few moments ago)

File size:
30.9 KB (31,680 bytes)

Product version:
1.5

Copyright:
Copyright (c) 2005-2012

Original file name:
RegFilter.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
IObit Information Technology

Authority:
VeriSign, Inc.

Valid from:
3/21/2016 1:00:00 AM

Valid to:
3/24/2018 12:59:59 AM

Subject:
CN=IObit Information Technology, O=IObit Information Technology, L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
58EB3F3A0B0D9C195DAFCA1A28D43C41

File PE Metadata
Compilation timestamp:
11/19/2013 5:39:58 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x4D3E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 8A, D8, FF, FF, CC, CC, 98, 4D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7A, 53, 00, 00, 0C, 45, 00, 00, 8C, 4D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B0, 53, 00, 00, 00, 45, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 88, 53, 00, 00, 9C, 53, 00, 00, 00, 00, 00, 00, C4, 4E, 00, 00, E4, 4E, 00, 00, 04, 4F, 00, 00, 1E, 4F, 00, 00, 36, 4F, 00, 00, 4E, 4F, 00, 00, 62, 4F, 00, 00, 7A, 4F, 00, 00, 8C, 4F, 00, 00, A4, 4F...
 
[+]

Code size:
17.9 KB (18,304 bytes)

Driver
Display name:
RegFilter

Type:
Kernel device driver (KernelDriver)


Scan RegFilter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.