home

TCPZ.exe

TCP-Z

deepxw Software

The application TCPZ.exe, “TCP-Z, TCP/IP Connection Patch and Monitor.” by deepxw Software has been detected as a potentially unwanted program by 9 anti-malware scanners.
Publisher:
deepxw  (signed by deepxw Software)

Product:
TCP-Z

Description:
TCP-Z, TCP/IP Connection Patch and Monitor.

Version:
2.6.0.66

MD5:
55dfc3d416f87ac3b58a7888e92316bb

SHA-1:
bd8533409abbdd38080ac0190e60294821fb3322

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 3:40:51 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

avast!
Win32:Tcpz-B [PUP]
2014.9-160211

Emsisoft Anti-Malware
Dropped:Trojan.GenericKDV.1373272
8.16.02.11.10

ESET NOD32
Win32/TCPZ.F potentially unsafe (variant)
10.12929

K7 AntiVirus
Trojan
13.204.16037

McAfee
Generic.dx!F6DE30EEB5D6
5600.6493

NANO AntiVirus
Trojan.Win32.TCPZ.cstlsp
1.0.14.5798

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.16209

Sophos
TCP-Z TCP Patch and Monitor (PUA)
4.98

File size:
699.4 KB (716,136 bytes)

Product version:
2.6.0.66

Copyright:
(c) 2009 deepxw. All rights reserved.

Original file name:
TCPZ.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\tcpz.exe

Digital Signature
Signed by:
deepxw Software

Authority:
deepxw Software

Valid from:
1/18/2008 11:00:00 PM

Valid to:
12/31/2011 11:00:00 PM

Subject:
CN=deepxw Software, E=deepxw, O=deepxw Software

Issuer:
CN=deepxw Software, E=deepxw, O=deepxw Software

Serial number:
18232ACE5210A6B04D8617A50040AF4C

File PE Metadata
Compilation timestamp:
3/16/2009 11:05:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:sUMP29QDu6r/eLY7q/zRF7CwVuGgbCoO5:UFYLY7q/1JtgbQ5

Entry address:
0x386F0

Entry point:
E8, 67, 59, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, 74, 95, 46, 00, 75, 02, F3, C3, E9, E7, 59, 00, 00, 8B, 44, 24, 04, 8B, D0, 66, 8B, 08, 40, 40, 66, 85, C9, 75, F6, 66, 8B, 4C, 24, 08, 48, 48, 3B, C2, 74, 05, 66, 39, 08, 75, F5, 66, 8B, 10, 66, 2B, D1, 66, F7, DA, 1B, D2, F7, D2, 23, C2, C3, E8, EE, 49, 00, 00, FF, 74, 24, 04, E8, 45, 48, 00, 00, FF, 35, 50, 95, 46, 00, E8, 8E, 53, 00, 00, 68, FF, 00, 00, 00, FF, D0, 83, C4, 0C, C3, 68, 20, 56, 45, 00, FF, 15, 8C, 12, 45, 00, 85, C0, 74, 16, 68, 10, 56, 45...
 
[+]

Entropy:
6.5503

Code size:
320 KB (327,680 bytes)

Remove TCPZ.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.