home

SHIELDMF.sys

EAZ SOLUTION, INC.

It runs as a Windows kernel mode device driver named “ShieldMF”.
Publisher:
EAZ SOLUTION, INC.  (signed and verified)

Description:
WINNT/2K/XP/2003 Driver

Version:
9.0.0.0 built by: WinDDK

MD5:
678e54282d314cfa22a2de2edfde0680

SHA-1:
4749280749df4538da03d1df55b38c8d1ea80a77

SHA-256:
bd0d8069b04aa503fc311ae51c72482082b350938b0e623f2624c5feee43cf36

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:23:05 AM UTC  (today)

File size:
19 KB (19,488 bytes)

Product version:
9.0.0.0

Copyright:
Patent pending. All rights reserved.

Original file name:
SHIELDMF.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\shield\shieldmf.sys

Digital Signature
Signed by:
EAZ SOLUTION, INC.

Authority:
VeriSign, Inc.

Valid from:
11/30/2011 7:00:00 PM

Valid to:
12/11/2013 6:59:59 PM

Subject:
CN="EAZ SOLUTION, INC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="EAZ SOLUTION, INC.", L=Richardson, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67993FAE7BB348467585BFAFE14FE2B9

File PE Metadata
Compilation timestamp:
11/8/2012 10:12:29 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
384:t2aPB7G7qJIe/ftS8EGLOqggZ3Wk/eRpulcmUHeMDd:tbpS+J3f/E6OqggZj/eR6k

Entry address:
0x2FC0

Entry point:
6E, 02, 4B, 65, 57, 61, 69, 74, 46, 6F, 72, 53, 69, 6E, 67, 6C, 65, 4F, 62, 6A, 65, 63, 74, 00, DE, 01, 49, 6F, 66, 43, 61, 6C, 6C, 44, 72, 69, 76, 65, 72, 00, 1D, 01, 49, 6F, 41, 6C, 6C, 6F, 63, 61, 74, 65, 49, 72, 70, 00, 0F, 02, 4B, 65, 49, 6E, 69, 74, 69, 61, 6C, 69, 7A, 65, 45, 76, 65, 6E, 74, 00, 2F, 03, 4F, 62, 66, 44, 65, 72, 65, 66, 65, 72, 65, 6E, 63, 65, 4F, 62, 6A, 65, 63, 74, 00, 00, 29, 03, 4F, 62, 52, 65, 66, 65, 72, 65, 6E, 63, 65, 4F, 62, 6A, 65, 63, 74, 42, 79, 50, 6F, 69, 6E, 74, 65, 72...
 
[+]

Entropy:
6.2203

Code size:
10.5 KB (10,752 bytes)

Driver
Display name:
ShieldMF

Type:
Kernel device driver (KernelDriver)


Scan SHIELDMF.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.