btowsvf.sys

Toolwiz TimeFreeze 2013

Igloo systems Inc.

It runs as a Windows kernel-mode device driver named “BTOWSVF”.

Publisher:
Toolwiz.com (signed by Igloo systems Inc.)

Product:
Toolwiz TimeFreeze 2013

Description:
Toolwiz TimeFreeze

Version:
2.1.1.0

MD5:
34497b1dfa198939ad5041e7d306b128

SHA-1:
cf2eb54906d7bfff3748f8b559d6fe24e7e3fee4

SHA-256:
6fabf7732aaee3a20f38c203c5d01dc46e38b2662d6951077004c6554f81c95d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 11:56:50 PM UTC

File size:
42.8 KB (43,864 bytes)

Product version:
2.1.1.0

Copyright:
Copyright (C) Toolwiz 2013

Trademarks:
Toolwiz

Original file name:
Sandbox.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\btowsvf.sys

Digital Signature
Authority:
Symantec Corporation

Valid from:
1/5/2016 2:00:00 AM

Valid to:
1/5/2017 1:59:59 AM

Subject:
CN=Igloo systems Inc., O=Igloo systems Inc., L=Namyangju-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
676EC2A34B70B332C4A74A7FB2E3A606

File PE Metadata
Compilation timestamp:
1/7/2016 5:26:33 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
768:VJnse1sRLneIikX7az81s3ZqPVDyeGSWWkS4r9:fse1sNeIiSM81qgg1SWWknr9

Entry address:
0x7A85

Entry point:
8B, FF, 55, 8B, EC, A1, 00, 79, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, 1C, 78, 01, 00, 8B, 00, 35, 00, 79, 01, 00, A3, 00, 79, 01, 00, 75, 07, 8B, C1, A3, 00, 79, 01, 00, F7, D0, A3, 04, 79, 01, 00, 5D, E9, 8B, BF, FF, FF, CC, 0C, 7B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 24, 82, 00, 00, 0C, 77, 00, 00, 00, 7B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5A, 82, 00, 00, 00, 77, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 82, 00, 00, 46...

Code size:
30.6 KB (31,360 bytes)

Driver
Display name:
BTOWSVF

Type:
Kernel device driver (KernelDriver)

Group:
Pnp Filter

