regguard.sys

RegRun Security Suite

Greatis Software, LLC

It runs as a Windows kernel mode device driver named “RegGuard”.
Publisher:
Greatis Software (signed by Greatis Software, LLC)

Product:
RegRun Security Suite

Description:
Registry Guard - registry keys protection driver for Windows NT/2000/XP/2003/Vista

Version:
4, 0, 6, 0

MD5:
d2b82b22d9ee7389299de360d60d2a77

SHA-1:
e06ef445b7d588f28a4b2b87826c73b01b5dbf96

SHA-256:
78422c7c081d40980de6a6751386cb1c2c2ac6568a54053be6d19bbab12b04d8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:31:01 PM UTC

File size:
28.9 KB (29,584 bytes)

Product version:
4.60

Copyright:
Copyright (C) 2006 Greatis Software

Original file name:
regguard.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\regguard.sys

Digital Signature
Authority:
The USERTRUST Network

Valid from:
11/24/2008 1:00:00 AM

Valid to:
11/25/2010 12:59:59 AM

Subject:
CN="Greatis Software, LLC", O="Greatis Software, LLC", STREET="1-65, Turgeneva", L=Yaroslavl, S=Yaroslavl, PostalCode=150054, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
4B5179A3ECC3D3E2BE18F660088FE088

File PE Metadata
Compilation timestamp:
5/10/2006 6:48:18 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
768:QRo4Js8+ZZ2XAiiN6UpTiOqsFHGjoiQ/21ZsQZIF:ooyEZ2XAiiNGjoF/2bjZIF

Entry address:
0x38A

Entry point:
55, 8B, EC, 83, EC, 78, 56, 57, B9, 0C, 00, 00, 00, BE, C0, 02, 01, 00, 8D, 7D, C0, F3, A5, C7, 45, F0, 00, 00, 00, 00, 68, F0, 02, 01, 00, E8, 5E, 4D, 00, 00, 83, C4, 04, 68, FC, 02, 01, 00, E8, 51, 4D, 00, 00, 83, C4, 04, 68, 10, 03, 01, 00, E8, 44, 4D, 00, 00, 83, C4, 04, 68, 14, 03, 01, 00, 8D, 45, 98, 50, FF, 15, 4C, 51, 01, 00, 8D, 4D, F0, 51, 6A, 00, 6A, 00, 6A, 22, 8D, 55, 98, 52, 6A, 10, 8B, 45, 08, 50, FF, 15, 48, 51, 01, 00, 89, 45, FC, 83, 7D, FC, 00, 7D, 08, 8B, 45, FC, E9, A5, 00, 00, 00, 8B...

Developed / compiled with:
Microsoft Visual C++

Code size:
20.8 KB (21,248 bytes)

Driver
Display name:
RegGuard

Type:
Kernel device driver (KernelDriver)

