home

smhwdev.sys

Huawei Technologies Co., Ltd. USB Modem/Serial Device Driver

Huawei Technologies Co., Ltd.

It runs as a Windows 64-bit kernel mode device driver named “SmartPhone dummy USB PNP Device (Normal)”.
Publisher:
Huawei Technologies Co., Ltd.

Product:
Huawei Technologies Co., Ltd. USB Modem/Serial Device Driver

Description:
USB Modem/Serial Device Driver

Version:
1. 0. 0. 9

MD5:
d6a7b4b28fa50efebc67168faa23f158

SHA-1:
cd7931664edce434802f65d0ca6bc9f64e235c67

SHA-256:
625cf5a61578f50e8905bce92425d089371a8abaaab84814fd03631c14714fae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:42:40 PM UTC  (today)

File size:
111.8 KB (114,432 bytes)

Product version:
1. 0. 0. 9. SP00

Copyright:
Copyright (C) Huawei Technologies Co., Ltd. 2004-2006. All rights reserved.

Original file name:
ewusbdev.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\smhwdev.sys

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3072:YbbIAcWC6xkGH4+Y7wiNuICG6eRjckTRncamZvah/IiJK5aV:v3WC6pY+Zinck2sIl

Entry point:
48, 8B, 05, 71, F4, FF, FF, 49, B9, 32, A2, DF, 2D, 99, 2B, 00, 00, 48, 85, C0, 74, 05, 49, 3B, C1, 75, 2F, 4C, 8D, 05, 56, F4, FF, FF, 48, B8, 20, 03, 00, 00, 80, F7, FF, FF, 48, 8B, 00, 49, 33, C0, 49, B8, FF, FF, FF, FF, FF, FF, 00, 00, 49, 23, C0, 49, 0F, 44, C1, 48, 89, 05, 2E, F4, FF, FF, 48, F7, D0, 48, 89, 05, 2C, F4, FF, FF, E9, A7, 57, FE, FF, CC, CC, CC, E8, AB, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, F2, B4, 01, 00, B0, 92, 01, 00, B8, AB, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4A, B5, 01, 00...
 
[+]

Entropy:
6.2789

Driver
Display name:
SmartPhone dummy USB PNP Device (Normal)

Service name:
smhwdev

Type:
Kernel device driver (KernelDriver)


The file smhwdev.sys has been discovered within the following programs.

Micro Systemation Forensic Pack  by Micro Systemation AB
www.msab.com
About 5% of users remove it
 
Powered by Should I Remove It?

Scan smhwdev.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.