» rz76133za.sys
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

rz76133za.sys

rz76133za

ZVT Inc.

It runs as a Windows 64-bit kernel mode device driver named “rz76133za”.

File name:

rz76133za.sys

Publisher:

rz76133za Foundation (signed by ZVT Inc.)

Product:

rz76133za

Description:

rz76133za Driver

Version:

7.1a

MD5:

ac101d5e0e242eeb93cfed7bbc61f08c

SHA-1:

b59a7a220d58acce4a0eeb5967a9fa5a09d3d224

SHA-256:

d9a74daf26065fe92833d0b696d6c35b3a75503968ca9f890c9a909047adffab

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 7:59:46 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Crypt.XPACK.Gen2

7.11.30.172

File size:

241 KB (246,752 bytes)

Product version:

7.1a

Trademarks:

rz76133za

Original file name:

rz76133za.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\zinstall_xp7\rz76133za.sys

Digital Signature

Signed by:

ZVT Inc.

Authority:

GlobalSign nv-sa

Valid from:

2/18/2011 4:38:46 PM

Valid to:

2/18/2014 4:38:43 PM

Subject:

CN=ZVT Inc., O=ZVT Inc., C=VG

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012E381AD139

File PE Metadata

Compilation timestamp:

11/18/2013 10:21:04 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

6144:rqcAVDvO7iTAAoeVaqqDL6Mxlom9jlvn0:GcbAoeVvqn6ajl8

Entry address:

0x4233C

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, AE, FC, FF, FF, CC, CC, CC, CC, CC, CC, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 72, 00, 7A, 00, 37, 00, 36, 00, 31, 00, 33, 00, 33, 00, 7A, 00, 61, 00, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 53, 00, 74, 00, 61, 00, 72, 00, 74, 00, 00, 00, CC, CC, CC, CC, 5C, 00, 44, 00, 6F, 00, 73, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 73, 00, 5C, 00, 72, 00, 7A, 00... 
[+]

Entropy:

6.7661

Code size:

139 KB (142,336 bytes)

Driver

Display name:

rz76133za

Type:

Kernel device driver (KernelDriver)

The file rz76133za.sys has been discovered within the following program.

Zinstall Client Utility by ZVT, Inc.

Publisher's description - “Zinstall is based on unique technology and experience. Unlike other, "file mover"-style products, it transfers the complete environment, and doesn't harm the old or the new PC.”

www.zinstall.com

4% remove it

Scan rz76133za.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.