home

PowerSaveZ.Sys

360硬件大师

Chengdu Qiying Technology Co.,Ltd.

Publisher:
360.cn  (signed by Chengdu Qiying Technology Co.,Ltd.)

Product:
360硬件大师

Description:
Ludashi System Driver

Version:
1.6.11.523

MD5:
3dd0dc2ee08d9387e7f953de70274ca8

SHA-1:
7094d12e9a1657b03b2b6174ef42c92ab16b1428

SHA-256:
444adc82bdfb8030dc99cbff29e4a7ec62f66eb8504e92d3e4eb9727f12bb3b9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 9:56:31 PM UTC  (today)

File size:
16.8 KB (17,224 bytes)

Product version:
1.6.11.523

Copyright:
版权所有 (C) 2010-2011 360.cn

Trademarks:
360硬件大师

Original file name:
PowerSaveZ.Sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\ludashi\powersavez.sys

Digital Signature
Signed by:
Chengdu Qiying Technology Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/24/2011 8:00:00 AM

Valid to:
4/22/2012 7:59:59 AM

Subject:
CN="Chengdu Qiying Technology Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chengdu Qiying Technology Co.,Ltd.", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4EB872F0C388229AE038B56303FCFDD5

File PE Metadata
Compilation timestamp:
5/23/2011 12:11:15 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:Jisy3M9zBLn4HJkqYJLca6jxKurNN08eM9v9:JWiLnsKjLFm/3t

Entry address:
0x403E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, AA, DC, FF, FF, CC, CC, 78, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4A, 43, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E8, 40, 00, 00, FC, 40, 00, 00, 14, 41, 00, 00, 2A, 41, 00, 00, 44, 41, 00, 00, 5C, 41, 00, 00, 74, 41, 00, 00, 94, 41, 00, 00, A4, 41, 00, 00, B8, 41, 00, 00, D0, 41, 00, 00, EC, 41, 00, 00, 0C, 42, 00, 00, 20, 42, 00, 00, 38, 42, 00, 00, 48, 42, 00, 00, 68, 42, 00, 00, 7C, 42...
 
[+]

Entropy:
6.5294

Code size:
5 KB (5,120 bytes)

Scan PowerSaveZ.Sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.