home

shdbusi64.sys

New Horizon DataSys Inc.

Publisher:
New Horizon DataSys Inc.  (signed and verified)

Description:
WINNT/2K/XP/2003 Driver

Version:
9.0.0.0 built by: WinDDK

MD5:
5f3d0396b5e7124df3b547dc74bcd9b5

SHA-1:
f07bb7cf784227d6835d0382f05794099697893e

SHA-256:
d31e2d38542c5e38ab18e34dfc0128e55e34396ff1a3c75f81143eefb21e3b77

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 11:33:22 AM UTC  (today)

File size:
13.3 KB (13,648 bytes)

Product version:
9.0.0.0

Copyright:
Patent pending. All rights reserved.

Original file name:
SHDBUS.sys

File type:
Driver (Win64 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\multirecovery\setup\system32\drivers\shdbusi64.sys

Digital Signature
Signed by:
New Horizon DataSys Inc.

Authority:
VeriSign, Inc.

Valid from:
9/24/2008 9:00:00 AM

Valid to:
9/25/2009 8:59:59 AM

Subject:
CN=New Horizon DataSys Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=New Horizon DataSys Inc., L=Vancouver, S=British Columbia, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5017BFBCBEFDD0117F978F02D08C7C90

File PE Metadata
Compilation timestamp:
4/12/2009 1:19:47 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
7.10

Entry address:
0x4050

Entry point:
00, 26, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 52, 53, 44, 53, 98, 41, 4A, C0, 79, 2A, EC, 41, 8F, 55, EB, 7E, D4, C1, AE, 9B, 01, 00, 00, 00, 47, 3A, 5C, 63, 76, 73, 68, 6F, 6D, 65, 5C, 65, 61, 7A, 66, 69, 78, 5C, 73, 79, 73, 5F, 73, 68, 69, 65, 6C, 64, 5C, 49, 6E, 64, 65, 70, 65, 6E, 64, 65, 6E, 74, 5C, 44, 52, 49, 56, 45, 52, 5C, 57, 49, 4E, 4E, 54, 5C, 53, 48, 44, 42, 55, 53, 5C, 6F, 62, 6A, 66, 72, 65, 5F, 77, 6E, 65, 74, 5F, 49, 41, 36, 34, 5C, 69, 61, 36, 34, 5C, 53, 48, 44, 42, 55...
 
[+]

Entropy:
5.3305

Code size:
4.5 KB (4,608 bytes)

Scan shdbusi64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.