WinRing0.sys

WinRing0

Noriyuki MIYAZAKI

It runs as a Windows 64-bit kernel mode device driver named “WinRing0_1_2_0”.
Publisher:
OpenLibSys.org  (signed by Noriyuki MIYAZAKI)

Product:
WinRing0

Version:
1.2.0.5

MD5:
845af1ba23c8d5e64def61bcc441604c

SHA-1:
8ac34eb21b9b38f67cd29684c45696c20ab2e75a

SHA-256:
206ee7a7c3f4d9496f742ccb84718f556ecb4ba2a95fe7e0cdf3a003ffbe4597

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 5:46:14 PM UTC  (today)

File size:
14.1 KB (14,416 bytes)

Product version:
1.2.0.5

Copyright:
Copyright (C) 2007-2008 OpenLibSys.org. All rights reserved.

Original file name:
WinRing0.sys

File type:
Driver (Win64 SYS)

Language:
Japanese (Japan)

Common path:
C:\Program Files\batterycare\winring0.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
9/24/2007 7:50:55 AM

Valid to:
9/24/2008 7:50:55 AM

Subject:
E=hiyohiyo@crystalmark.info, CN=Noriyuki MIYAZAKI, C=JP

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000115372421A8

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:zkg+wW5QDV08teHn+EgTWGYOf2OJ06dUb+m:JDV4+ECtfSJim

Entry point:
8B, FF, 55, 8B, EC, A1, 00, 11, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1E, 8B, 15, 2C, 0F, 01, 00, B8, 00, 11, 01, 00, C1, E8, 08, 33, 02, A3, 00, 11, 01, 00, 75, 07, 8B, C1, A3, 00, 11, 01, 00, F7, D0, A3, 04, 11, 01, 00, 5D, E9, CF, F8, FF, FF, CC, 28, 12, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 70, 13, 00, 00, 24, 0F, 00, 00, 04, 12, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 22, 14, 00, 00, 00, 0F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F2...
 
[+]

Entropy:
6.7581

Driver
Display name:
WinRing0_1_2_0

Type:
Kernel device driver (KernelDriver)


The file WinRing0.sys has been discovered within the following programs.

BatteryCare  by Filipe Lourenço
Publisher's description - “BatteryCare is a software created to optimize the usage and performance of the modern laptop's battery. It monitors the battery's discharge cycles and helps increasing it's autonomy and improving its lifetime.”
batterycare.net
About 7% of users remove it
CorsairLink  by Corsair
www.corsair.com
About 3% of users remove it
Intel Processor Diagnostic Tool  by Intel Corporation
Publisher's description - “This diagnostic tool checks for brand identification, verifies the processor operating frequency, tests specific processor features, and does a stress test on the processor. The tool can be configured to execute in one of two modes: Presence test mode or verification mode.”
www.intel.com/support/processors/sb/CS-031726.htm
10% remove it
MSI Gaming APP  by MSI Co., LTD
www.msi.com
6% remove it
www.playclaw.com
About 24% of users remove it
PlayClaw 5 Demo  by Edward Kozadaev
About 24% of users remove it
PlayClaw 5 fast codec  by Eduard Kozadaev
Publisher's description - “For showing off slick new tricks or proving you really can take down The Boss with one shot, nothing shows it better than video. PlayClaw is greatly optimized to use multi-core CPUs effectively. Ultra HD videos at a high frame rate is not a problem.”
6% remove it
RGB Fusion  by GIGABYTE
www.GIGABYTE.com
7% remove it
Sample Production Bit Checker  by Intel Corporation
www.Intel.com
12% remove it
 
Powered by Should I Remove It?

Scan WinRing0.sys - Powered by Reason Core Security