home

passguard.sys

PassGuard Application

北京微通新成网络科技有限公司

It runs as a Windows kernel mode device driver named “PassGuard”.
Publisher:
北京微通新成网络科技有限公司  (signed and verified)

Product:
PassGuard Application

Version:
1.0.1.8

MD5:
6b54366aa2174bdf39a82c2eab79cb35

SHA-1:
2b712e9e4a83e48bd3efcb8cc749dd39047968c3

SHA-256:
106420aca42c5703b3cff8282f55f669ed94b32f7da8ca4fd334dca4b57ae9da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
6/24/2025 11:25:02 AM UTC  (today)

File size:
344 KB (352,232 bytes)

Product version:
1.0.1.7

Copyright:
Copyright (C) 2010

Original file name:
PassGuard

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\passguard.sys

Digital Signature
Signed by:
北京微通新成网络科技有限公司

Authority:
Symantec Corporation

Valid from:
1/13/2015 8:00:00 AM

Valid to:
2/12/2017 7:59:59 AM

Subject:
CN=北京微通新成网络科技有限公司, O=北京微通新成网络科技有限公司, L=BeiJing, S=BeiJing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0EC1711942F30778055A155974E64581

File PE Metadata
Compilation timestamp:
11/4/2016 12:20:00 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x7560

Entry point:
55, 8B, EC, 83, EC, 28, C7, 45, F8, 00, 00, 00, 00, E9, A3, C2, 03, 00, 58, 90, 90, 90, 90, 90, 50, 68, 60, D6, 01, 00, FF, 15, F0, B0, 01, 00, E9, 47, EC, 02, 00, 58, 90, 90, 90, 90, 90, 50, 68, 50, D6, 01, 00, FF, 15, F0, B0, 01, 00, A1, D8, B0, 01, 00, 0F, BE, 08, C1, E1, 02, 89, 4D, F4, 8B, 55, F4, 52, 6A, 00, FF, 15, 34, B0, 01, 00, A3, 0C, 00, 02, 00, 8B, 45, F4, 50, 6A, 00, FF, 15, 34, B0, 01, 00, A3, 10, 00, 02, 00, 8B, 4D, F4, 51, 6A, 00, FF, 15, 34, B0, 01, 00, A3, 14, 00, 02, 00, 8B, 55, F4, 52...
 
[+]

Entropy:
7.9003

Developed / compiled with:
Microsoft Visual C++

Code size:
39 KB (39,936 bytes)

Driver
Display name:
PassGuard

Type:
Kernel device driver (KernelDriver)


Scan passguard.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.