imfdownprotect.sys

IObit Malware Fighter

IObit Information Technology

It runs as a Windows kernel mode device driver named “IMFDownProtect”.
Publisher:
IObit.com  (signed by IObit Information Technology)

Product:
IObit Malware Fighter

Description:
ForceDelete

Version:
1.0 built by: WinDDK

MD5:
ea52af5e93b2036fcf7415883faddebf

SHA-1:
5afa53411e32568771c70657418a17d04c552812

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 11:40:59 AM UTC  (today)

File size:
19.9 KB (20,336 bytes)

Product version:
1.0

Copyright:
Copyright (c) 2016-2017

Original file name:
ForceDelete.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/21/2016 1:00:00 AM

Valid to:
3/24/2018 12:59:59 AM

Subject:
CN=IObit Information Technology, O=IObit Information Technology, L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
58EB3F3A0B0D9C195DAFCA1A28D43C41

File PE Metadata
Compilation timestamp:
12/26/2016 4:11:45 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x603E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 34, C6, FF, FF, CC, CC, 94, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 63, 00, 00, 08, 30, 00, 00, 8C, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 63, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 88, 63, 00, 00, 00, 00, 00, 00, 30, 61, 00, 00, 40, 61, 00, 00, 5C, 61, 00, 00, 74, 61, 00, 00, 7E, 61, 00, 00, 98, 61, 00, 00, B0, 61, 00, 00, C4, 61, 00, 00, DA, 61, 00, 00, EA, 61, 00, 00, FA, 61...
 
[+]

Code size:
8.5 KB (8,704 bytes)

Driver
Display name:
IMFDownProtect

Type:
Kernel device driver (KernelDriver)


Scan imfdownprotect.sys - Powered by Reason Core Security