home

PSMounter.sys

PSMounter

Paramount Software UK Ltd

It runs as a Windows kernel mode device driver named “Macrium Reflect Image Explorer Service”.
Publisher:
Macrium Software  (signed by Paramount Software UK Ltd)

Product:
PSMounter

Description:
Macrium Reflect Virtual Disk Driver

Version:
5, 0, 4175, 0

MD5:
4e24cfd55cae9d7726e367eb7e357d04

SHA-1:
83360b74c2c00ab87b1fd331076c338b60b79976

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:37:02 AM UTC  (today)

File size:
46.1 KB (47,256 bytes)

Product version:
5, 0, 4175, 0

Copyright:
Copyright (C) 2008 Paramount Software UK Ltd

Original file name:
PSMounter.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\psmounter.sys

Digital Signature
Signed by:
Paramount Software UK Ltd

Authority:
GlobalSign nv-sa

Valid from:
11/9/2010 12:36:13 AM

Valid to:
11/9/2013 12:36:10 AM

Subject:
CN=Paramount Software UK Ltd, O=Paramount Software UK Ltd, L=Manchester, S=Greater Manchester, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012C2C8AD4A2

File PE Metadata
Compilation timestamp:
12/13/2011 8:28:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

Entry address:
0xE180

Entry point:
83, EC, 64, 55, 56, 68, BC, 14, 01, 00, E8, BB, 75, FF, FF, 8B, 74, 24, 78, 66, 8B, 06, 66, 05, 18, 00, 83, C4, 04, 66, 89, 44, 24, 0E, 0F, B7, C0, 68, 44, 64, 6B, 20, 50, 33, ED, 6A, 01, 66, 89, 6C, 24, 18, FF, 15, 2C, 10, 01, 00, 3B, C5, 89, 44, 24, 10, 75, 0D, 5E, B8, 9A, 00, 00, C0, 5D, 83, C4, 64, C2, 08, 00, 56, 8D, 4C, 24, 10, 51, FF, 15, 98, 10, 01, 00, 68, A4, 14, 01, 00, 8D, 54, 24, 10, 52, FF, 15, 94, 10, 01, 00, 6A, 38, 8D, 44, 24, 38, 55, 50, E8, 6A, 75, FF, FF, 8B, 44, 24, 1C, 83, C4, 0C, 55...
 
[+]

Entropy:
6.7664

Code size:
34 KB (34,816 bytes)

Driver
Display name:
Macrium Reflect Image Explorer Service

Service name:
PSMounter

Description:
Macrium Reflect Image Explorer Service. Allows images and backups to be accessed by Windows Explorer

Type:
Kernel device driver (KernelDriver)


Scan PSMounter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.