home

ecsther0001.sys

Windows Win 7 DDK driver

Elitegroup Computer Systems Co Ltd

It runs as a Windows kernel mode device driver named “ECS THER0001 Peripheral Service”.
Publisher:
Windows (R) Win 7 DDK provider  (signed by Elitegroup Computer Systems Co Ltd)

Product:
Windows (R) Win 7 DDK driver

Description:
SPB Test Tool Peripheral Driver

Version:
6.3.9600.16384

MD5:
535cd46da73a6d892b1f0ede78b9b504

SHA-1:
9814e7395bd5c38d1dfd809abda844a5a6bb1496

SHA-256:
866a7302670bc10b96c355421bc4864c4696de8d4c4f44ad32fa193feb2b73dd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 2:07:19 AM UTC  (today)

File size:
51.2 KB (52,384 bytes)

Product version:
6.3.9600.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SpbTestTool.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\ecsther0001.sys

Digital Signature
Signed by:
Elitegroup Computer Systems Co Ltd

Authority:
Symantec Corporation

Valid from:
8/17/2015 8:00:00 AM

Valid to:
7/7/2018 7:59:59 AM

Subject:
CN=Elitegroup Computer Systems Co Ltd, O=Elitegroup Computer Systems Co Ltd, L=Taipei, S=Taiwan, C=TW, SERIALNUMBER=22449566, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=TW

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
3DFBEF5C948AFCDF81EDE712C094CDC3

File PE Metadata
Compilation timestamp:
1/14/2016 6:34:59 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

Entry address:
0x6AB2

Entry point:
8B, FF, 55, 8B, EC, E8, 44, 45, 00, 00, 5D, E9, 00, 00, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 75, 0E, FF, 75, 0C, 56, E8, 16, AF, FF, FF, E9, AE, 00, 00, 00, 53, 57, FF, 75, 0C, BF, E8, 9D, 40, 00, 89, 35, D4, 9B, 40, 00, 57, C7, 05, E8, 9D, 40, 00, 00, 00, 08, 02, C7, 05, EC, 9D, 40, 00, E0, 9B, 40, 00, FF, 15, 60, 80, 40, 00, 68, D0, 9B, 40, 00, BB, 7C, 94, 40, 00, 53, 57, 56, E8, A2, 01, 00, 00, 85, C0, 78, 6B, 53, E8, E6, 00, 00, 00, 8B, F8, 85, FF, 78, 58, E8, 8D, 00, 00, 00, 8B, F8, 85...
 
[+]

Entropy:
6.7171

Code size:
29 KB (29,696 bytes)

Driver
Display name:
ECS THER0001 Peripheral Service

Service name:
EcsTher0001

Type:
Kernel device driver (KernelDriver)

Group:
Base


Scan ecsther0001.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.