How to remove LdsDrvInst64.exe

LdsDrvInst64.exe

The module LdsDrvInst64.exe has been detected as Adware.LuDaShi

LdsDrvInst64.exe
Remove LdsDrvInst64.exe

File Details

Product Name:

鲁大师 驱动安装模块
MD5: 66c3a6807506651713ddf2789256ee0b
Size: 150 KB
First Published: 2017-05-21 04:02:37 (8 years ago)
Latest Published: 2024-11-05 23:01:44 (10 months ago)
Status: Adware.LuDaShi (on last analysis)
Analysis Date: 2024-11-05 23:01:44 (10 months ago)

Overview

Signed By: Qihoo 360 Software (Beijing) Company Limited
Status: Valid

Common Places:

%programfiles%\ludashi\utils
%appdata%\360bizhi\utils
%profile%\dministrator\application data\360bizhi\utils
%programfiles%\ludashi
%programfiles%\ludashi\ludashi
%profile%\dministrator\application data\360bizhi
%appdata%\360bizhi
%appdata%\360bizhi\360bizhi
%system%\config\systemprofile\appdata\roaming\360bizhi
%programfiles%\ludashi

Geography:

Taiwan 35.8%
China 31.8%
Hong Kong 10.3%
United States 3.6%
Vietnam 1.7%
Malaysia 1.7%
Japan 1.3%
France 1.0%
Netherlands 1.0%
Italy 1.0%
Ukraine 1.0%
Austria 1.0%
South Korea 1.0%
Chile 0.7%
Brazil 0.7%
Australia 0.7%
Canada 0.7%
Germany 0.7%
Ecuador 0.7%
Indonesia 0.7%
Singapore 0.7%
Thailand 0.3%
Cambodia 0.3%
Saudi Arabia 0.3%
Honduras 0.3%
Russia 0.3%
Macau 0.3%
Spain 0.3%
Ireland 0.3%

OS Version:

Windows 10 68.0%
Windows 7 23.4%
Windows 8.1 4.0%
Windows XP 2.0%
Windows Server 2008 R2 1.3%
Windows 8 0.7%
Windows Embedded 8.1 0.3%
Windows Server 2003 0.3%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0000977c

PE Sections:

Name Size of data MD5
.text 98304 89cfe0bee80d53186aa0d006fda1d3a4
.rdata 28672 c6922ce335e9e7eb56c74052ba929d45
.data 6144 060cc9a8f2499561bc0d95b92d214573
.pdata 6144 4b1b5cb7abe702c7a2c3b59751336cbe
.rsrc 3072 c77f03935c8cbbc21e640cea070fc972
.reloc 1536 a6e9527b6d5c09cf5330b7ff47fef868

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for LdsDrvInst64.exe
copyright for information about LdsDrvInst64.exe
­