home

fltw.exe

WtFilterServ

Zimin Sergei Aleksandrovich IP

It runs as a separate (within the context of its own process) windows Service named “WtFilterServ”.
Publisher:
Zimin Sergei Aleksandrovich IP  (signed and verified)

Product:
WtFilterServ

Version:
3.1.0.0

MD5:
ddb33ba6034714083997896e1cd21bbf

SHA-1:
5273e8dc70867192ef2235bfb4af55a3d2dda588

SHA-256:
e6d513937aad9977f49f11e194dbca6e7e281529ff7a98157f9e2610a9a34430

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 6:22:39 AM UTC  (today)

File size:
1.4 MB (1,446,808 bytes)

Product version:
3.1.0.0

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Windows\System32\fltw.exe

Digital Signature
Signed by:
Zimin Sergei Aleksandrovich IP

Authority:
VeriSign, Inc.

Valid from:
4/2/2012 2:00:00 AM

Valid to:
4/3/2013 1:59:59 AM

Subject:
CN=Zimin Sergei Aleksandrovich IP, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zimin Sergei Aleksandrovich IP, L=Murom, S=Vladimir rgn., C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
72B6A7B444FE8DEE4102522A4F585AF5

File PE Metadata
Compilation timestamp:
12/11/2012 4:44:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x41489

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 3B, 70, 45, 00, 18, 71, B3, E3, D6, 6C, A6, D4, A0, 51, 56, 42, E9, 8E, 96, 0C, 15, 9E, A0, 6C, 12, 2C, F7, 0C, 42, 15, E4, 07, D7, A3, 01, 8C, F8, E6, C7, 54, B8, EB, 7E, 02, BE, 08, 86, 16, 75, E0, 64, 25, 9D, 89, 4F, 73, 90, F2, CA, 65, E9, 9C, BB, BE, DD, 5B, 7A, FC, 93, 62, E5, D6, F4, 2C, 98, C8, 94, 4F, 8B, 05, D9, E4, 4E, 88, 6D, 91, 71, F0, C6, D4, 35, F9, 31, 23, 51, 63, BA, 40, C3, CC, C6, A3, A9, 9C...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.1 MB (1,122,816 bytes)

Service
Display name:
WtFilterServ

Service name:
wtflserv

Type:
Win32OwnProcess


Scan fltw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.