home

windrvr6.sys

WinDriver Device Driver (x86)

Talkswitch

It runs as a Windows kernel mode device driver named “WinDriver6”.
Publisher:
Jungo  (signed by Talkswitch)

Product:
WinDriver Device Driver (x86)

Description:
WinDriver Device Driver 8.11

Version:
8.11

MD5:
b0d0b1b87be7128f77f5eec5b2c3cc30

SHA-1:
473ef7b1db00317b5a5ed91020197b4b38cc9e6f

SHA-256:
b97866fa93904fbd9802b459bc48ba7e7e3392acc7940656e02d28e28d185248

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:28:23 PM UTC  (a few moments ago)

File size:
196.6 KB (201,344 bytes)

Product version:
8.11

Copyright:
Copyright © Jungo 1997 - 2006

Original file name:
windrvr6.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\windrvr6.sys

Digital Signature
Signed by:
Talkswitch

Authority:
VeriSign, Inc.

Valid from:
2/8/2007 4:00:00 PM

Valid to:
2/9/2010 3:59:59 PM

Subject:
CN=Talkswitch, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Talkswitch, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0D252EBF7190222724038484FC92C1A7

File PE Metadata
Compilation timestamp:
10/16/2006 3:35:15 AM

OS version:
3.51

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
6144:t6feGUHh2DnhqPlMP85G9byHPzKSwSI9O4:tviDYH75IU4

Entry address:
0xD410

Entry point:
55, 8B, EC, 53, 57, 68, 44, 04, 40, 00, 68, 00, 06, 40, 00, E8, 02, ED, 01, 00, 8B, 45, 0C, 8B, 5D, 08, 83, C4, 08, 50, 53, E8, 2C, FF, FF, FF, 8B, F8, 85, FF, 89, 7D, 0C, 0F, 85, 45, 01, 00, 00, 56, E8, E9, FC, FF, FF, 83, F8, 62, 0F, 85, C2, 00, 00, 00, E8, 2B, EA, 01, 00, 8B, F0, 85, F6, 0F, 84, B3, 00, 00, 00, 8B, 46, 0B, 85, C0, 74, 12, 50, 68, F4, 05, 40, 00, E8, C1, EC, 01, 00, 83, C4, 08, 85, C0, 74, 0B, 8B, 36, 85, F6, 75, E1, E9, 8F, 00, 00, 00, 85, F6, 0F, 84, 87, 00, 00, 00, 8B, 15, 40, C6, 42...
 
[+]

Entropy:
6.6092

Developed / compiled with:
Microsoft Visual C++

Code size:
176.2 KB (180,416 bytes)

Driver
Display name:
WinDriver6

Type:
Kernel device driver (KernelDriver)


Scan windrvr6.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.