home

xustools.sys

xustools.sys

Wen Ming Yang

It runs as a Windows 64-bit kernel mode device driver named “xustools”.
Publisher:
EDesksoft  (signed by Wen Ming Yang)

Product:
xustools.sys

Description:
XUS PC Tools Driver

Version:
1.0.1.7

MD5:
7cd3adf2c7ca4b809fb2740a1c61021f

SHA-1:
4fc8d1dbefda075c13e28ef3ab5de37ed9445a04

SHA-256:
7fa2080ac1beb9fb6762eb47c1ebcc840a6abf11aba8c89d80966b8652d605fd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:34:36 PM UTC  (today)

File size:
11 KB (11,216 bytes)

Product version:
1.0.1.7

Copyright:
Copyright (C) 2011 EDesksoft

Trademarks:
XUS PC Tools is registered trademark of EDesksoft.

Original file name:
xustools.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\xustools.sys

Digital Signature
Signed by:
Wen Ming Yang

Authority:
COMODO CA Limited

Valid from:
9/21/2011 2:00:00 AM

Valid to:
9/21/2012 1:59:59 AM

Subject:
CN=Wen Ming Yang, O=Wen Ming Yang, STREET="Hua Chang Tou 220,Qunsheng,Luoshe", L=Wuxi, S=Jiangsu, PostalCode=214187, C=CN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
60EA5A6E4E8AC2D3FE9F561C94FC49A3

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:3xOTxr2DMbcZiClbfHix8iyMrj6938LWM1ig2N5zK:hGCDMbAfxCxMMC18EzK

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, DE, FC, FF, FF, CC, CC, 94, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 96, 0D, 00, 00, 88, 09, 00, 00, 8C, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A4, 0D, 00, 00, 80, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 20, 0C, 00, 00, 00, 00, 00, 00, 14, 0C, 00, 00, FC, 0B, 00, 00, 34, 0C, 00, 00, 40, 0C, 00, 00, 4E, 0C, 00, 00, 66, 0C, 00, 00, 76, 0C, 00, 00, 8C, 0C, 00, 00, A0, 0C, 00, 00, B8, 0C, 00, 00, C8, 0C...
 
[+]

2 Drivers
Display name:
xustools

Description:
XUS PC Tools Driver

Type:
Kernel device driver (KernelDriver)

Display name:
eusingtools

Description:
Eusing Utilities Driver

Type:
Kernel device driver (KernelDriver)


Scan xustools.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.