home

comcert.sys

Secure Folders

PROMOSOFT CORPORATION

It runs as a Windows kernel mode device driver named “comcert”.
Publisher:
Promosoft Software Limited  (signed by PROMOSOFT CORPORATION)

Product:
Secure Folders

Version:
1.0.0.8

MD5:
8e659512cb4b59d14cabac9cec80d073

SHA-1:
32dd7aae3c0632f228cb49eb847ad848e5ca0d3b

SHA-256:
01b487e077bcaad250f9c2d6ab75d9aa113a6fc1de38a4fd76cc3ba172634dbc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 4:42:33 AM UTC  (today)

File size:
38.1 KB (38,984 bytes)

Product version:
1.0.0.8

Copyright:
(c) Promosoft Software Limited. All rights reserved.

Original file name:
sfcore.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\comcert.sys

Digital Signature
Signed by:
PROMOSOFT CORPORATION

Authority:
DigiCert Inc

Valid from:
3/14/2013 9:00:00 AM

Valid to:
3/18/2014 9:00:00 PM

Subject:
CN=PROMOSOFT CORPORATION, O=PROMOSOFT CORPORATION, L=NEW YORK, S=New York, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0C270BEC9108F1095EBEDC5056928D8F

File PE Metadata
Compilation timestamp:
2/7/2014 9:10:50 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:Lmfn/c+pwppg7iOzQ+tOzQ3OzQeFjE54Kg:q//c+WgZzDIzHzfFQ54

Entry address:
0x663E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 1A, BB, FF, FF, CC, CC, E8, 66, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E2, 69, 00, 00, 48, 33, 00, 00, E0, 66, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 6A, 00, 00, 40, 33, 00, 00, A0, 66, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 84, 6B, 00, 00, 00, 33, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 6B, 00, 00, 3A, 6B, 00, 00, 26, 6B, 00, 00, 12, 6B, 00, 00, FC, 6A, 00, 00, E2, 6A, 00, 00, CE, 6A, 00, 00, B0, 6A...
 
[+]

Entropy:
6.8134

Code size:
13.1 KB (13,440 bytes)

Driver
Display name:
comcert

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Content Screener

Depends on:
FltMgr


Scan comcert.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.