» tcpz-x64d.sys
Overview
Analysis
File Details

tcpz-x64d.sys

TCP-Z Kernel driver. It's safe only come with TCP-Z!

deepxw Software

File name:

tcpz-x64d.sys

Publisher:

deepxw (signed by deepxw Software)

Product:

TCP-Z Kernel driver. It's safe only come with TCP-Z!

Description:

TCP/IP Half Open Connection Utility Driver For TCP-Z

Version:

6.0.6000.3009 built by: WinDDK

MD5:

2f251adae5bdda892b81235ce3d454bd

SHA-1:

2ee1f7d5237fae41aa0df5d45e3d4c86198fdef1

SHA-256:

42d4c3b50e28aeed6e3628e61725d0b1bbedfb011a24c40446e6e092149171a9

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/10/2024 1:37:26 PM UTC (today)

Scan engine

Detection

Engine version

Sophos

TCP-Z TCP Patch and Monitor

4.98

File size:

14.9 KB (15,208 bytes)

Product version:

6.0.6000.3009

Original file name:

tcpz.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Digital Signature

Signed by:

deepxw Software

Authority:

deepxw Software

Valid from:

1/18/2008 4:00:00 PM

Valid to:

12/31/2011 4:00:00 PM

Subject:

CN=deepxw Software, E=deepxw, O=deepxw Software

Issuer:

CN=deepxw Software, E=deepxw, O=deepxw Software

Serial number:

18232ACE5210A6B04D8617A50040AF4C

File PE Metadata

Compilation timestamp:

12/27/2008 7:38:44 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

192:rxQynsuiMYNozRUoJLx/dU0uhh0m+72dxQpMmpUssUuwyowJL/BfEenilG:rz3uy/dze0mg2dxYpLdYJLGez

Entry address:

0x6010

Entry point:

48, 8B, 05, F1, E0, FF, FF, 49, B9, 32, A2, DF, 2D, 99, 2B, 00, 00, 48, 85, C0, 74, 05, 49, 3B, C1, 75, 2F, 4C, 8D, 05, D6, E0, FF, FF, 48, B8, 20, 03, 00, 00, 80, F7, FF, FF, 48, 8B, 00, 49, 33, C0, 49, B8, FF, FF, FF, FF, FF, FF, 00, 00, 49, 23, C0, 49, 0F, 44, C1, 48, 89, 05, AE, E0, FF, FF, 48, F7, D0, 48, 89, 05, 9C, E0, FF, FF, E9, 17, BF, FF, FF, CC, CC, CC, 98, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 62, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.8741

Code size:

7 KB (7,168 bytes)

Scan tcpz-x64d.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.