liveio.sys

Elitegroup Computer Systems Co LTD.

It runs as a Windows kernel mode device driver named “LiveIO”.
Publisher:
Elitegroup Computer Systems Co LTD.   (signed and verified)

MD5:
3fcd253baf730328ff50a7805af67941

SHA-1:
09f674d1384a478cb42f0de5d379db105d9248d0

SHA-256:
d249e029480d04c91a287ce9cd9bccd21e27275b1f6ee72d49e6b246193fe08c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/26/2024 10:22:26 PM UTC

Scan engine:
IKARUS anti.virus

Detection:
Trojan.Rootkit

Engine version:
t3scan.1.1.74.0

File size:
17.1 KB (17,520 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\liveio.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/11/2009 2:00:00 AM

Valid to:
8/11/2012 1:59:59 AM

Subject:
CN="Elitegroup Computer Systems Co LTD. ", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Elitegroup Computer Systems Co LTD. ", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
31B6B0C9E201F8E77ED96172B10F81C8

File PE Metadata
Compilation timestamp:
8/14/2009 5:33:40 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:lqbMXX0Hif7CbGZnN2vBhESBs5jfE7AyowJL/8Qpkqs1I5ZgjlLY0a+ebCf2wyW:lqblC2uNsBOjSAYJLu1M6japbCOk

Entry address:
0x60F0

Entry point:
8B, FF, 55, 8B, EC, A1, 00, 30, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, 40, 20, 01, 00, 8B, 00, 35, 00, 30, 01, 00, A3, 00, 30, 01, 00, 75, 07, 8B, C1, A3, 00, 30, 01, 00, F7, D0, A3, 04, 30, 01, 00, 5D, E9, D8, FE, FF, FF, 5C, 00, 44, 00, 6F, 00, 73, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 73, 00, 5C, 00, 4C, 00, 69, 00, 76, 00, 65, 00, 49, 00, 4F, 00, 00, 00, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 4C, 00, 69, 00, 76, 00, 65, 00, 49, 00, 4F, 00...

Code size:
7.5 KB (7,680 bytes)

Driver
Display name:
LiveIO

Type:
Kernel device driver (KernelDriver)

Group:
LiveIOClass

