VTIO.sys

VTIO

Hangzhou Shunwang Information Technology Co., Ltd

It runs as a Windows kernel-mode device driver named “VtIO”.

Publisher:
杭州顺网科技股份有限公司  (signed by Hangzhou Shunwang Information Technology Co., Ltd)

Product:
VTIO

Description:
VTIO.sys

Version:
2011.1.24.17

MD5:
67a3a72d6243753a968ce9d61ee6d95d

SHA-1:
36bf0134c3bd90337f008ceaeee2f86207586e6a

SHA-256:
69cdedf3d3173e48ff8e3c2e573d42d0168f5a18449171ddab0c57153ab8e70b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/26/2024 8:52:55 PM UTC

Scan engine:
Rising Antivirus

Detection:
Suspicious

Engine version:
23.00.65.161130

File size:
55.3 KB (56,656 bytes)

Product version:
2011.1.24.17

Copyright:
版权所有 (C) 杭州顺网科技股份有限公司

Original file name:
VTIO.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\vtio.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
6/26/2009 1:34:08 PM

Valid to:
6/27/2011 1:34:04 PM

Subject:
CN="Hangzhou Shunwang Information Technology Co., Ltd", OU="Hangzhou Shunwang Information Technology Co., Ltd", O="Hangzhou Shunwang Information Technology Co., Ltd", C=CN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001221B4097E0

File PE Metadata
Compilation timestamp:
1/24/2011 5:21:18 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
1536:hcfWob3bjcaKC+M5mylNXEgFixP1NRJ+0:hcfrmylNJFixfRJ

Entry address:
0xAA05

Entry point:
8B, FF, 55, 8B, EC, A1, B8, A5, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, DC, 99, 01, 00, 8B, 00, 35, B8, A5, 01, 00, A3, B8, A5, 01, 00, 75, 07, 8B, C1, A3, B8, A5, 01, 00, F7, D0, A3, BC, A5, 01, 00, 5D, E9, 5D, 5B, FF, FF, CC, 8C, AA, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F8, B3, 00, 00, 8C, 98, 00, 00, 80, AA, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3A, B4, 00, 00, 80, 98, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, B4, 00, 00, 20...
 

Entropy:
6.4754

Code size:
39.6 KB (40,576 bytes)

Driver
Display name:
VtIO

Type:
Kernel device driver (KernelDriver)

