ComputerZ.Sys

Ludashi System Driver

Chengdu Qiying Technology Co.,Ltd.

It runs as a Windows kernel-mode device driver named “ComputerZ”.
Publisher:
鲁大师  (signed by Chengdu Qiying Technology Co.,Ltd.)

Product:
Ludashi System Driver

Version:
1.4.10.1231

MD5:
cafafba59ec7e10d890b08886191cdcb

SHA-1:
7f79238de58d5349e5bba09289bd54dc268ad806

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 1:52:29 AM UTC

File size:
17.1 KB (17,512 bytes)

Product version:
1.4.10.1231

Copyright:
Copyright (C) 2008-2010 www.ludashi.com

Trademarks:
鲁大师

Original file name:
ComputerZ.Sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\computerz.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/31/2010 8:00:00 AM

Valid to:
4/1/2011 7:59:59 AM

Subject:
CN="Chengdu Qiying Technology Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chengdu Qiying Technology Co.,Ltd.", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
61359AC44514D781769FD643666B4572

File PE Metadata
Compilation timestamp:
12/31/2010 5:10:22 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:Dw38DtZxt/0W0yYTLRuYZSYJLu1M6jQKukbCzgr9SUJ:MGZkdZ7LWMm7bCzg5SUJ

Entry address:
0x503E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, E2, C5, FF, FF, CC, CC, 78, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, 52, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, 50, 00, 00, F2, 50, 00, 00, 0A, 51, 00, 00, 22, 51, 00, 00, 38, 51, 00, 00, 50, 51, 00, 00, 62, 51, 00, 00, 7A, 51, 00, 00, 92, 51, 00, 00, A6, 51, 00, 00, C2, 51, 00, 00, E2, 51, 00, 00, F6, 51, 00, 00, 06, 52, 00, 00, 1E, 52, 00, 00, 2E, 52, 00, 00, 4E, 52, 00, 00, 62, 52...
 

Entropy:
6.4551

Code size:
7 KB (7,168 bytes)

Driver
Display name:
ComputerZ

Type:
Kernel device driver (KernelDriver)

