wcmvcam64.sys

Windows Win 7 DDK driver

Tenki Technology Co., Ltd.

The file wcmvcam64.sys, “WebcamMax Capture” by Tenki Technology Co., has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a Windows 64-bit kernel-mode device driver named “WebcamMax, WDM Video Capture”. This file is typically installed with the program WebcamMax by CoolwareMax.
Publisher:
Windows (R) Win 7 DDK provider  (signed by Tenki Technology Co., Ltd.)

Product:
Windows (R) Win 7 DDK driver

Description:
WebcamMax Capture

Version:
6.1.7600.16385 built by: WinDDK

MD5:
3a2d452c40162823b79867040b46d4a8

SHA-1:
adc23fc9e7ba607d5c3cfa544a4047dcdcc2be85

SHA-256:
12dbf363daa50da6d8185f67abdba1050db8fd7f24c98279db4f26cf0d3ea95a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
7/6/2020 11:58:00 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.TenkiTechnologyCo.M

Engine version:
14.3.3.12

File size:
1 MB (1,071,032 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
wcmvcam.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\wcmvcam64.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/30/2011 2:00:00 AM

Valid to:
5/30/2012 1:59:59 AM

Subject:
CN="Tenki Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Tenki Technology Co., Ltd.", L=Langfang, S=Hebei, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1BA7EF22FB3BE25B922AF13705001118

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:QKy+VTepbEO/z5tD4OtwoakgicqBM9QqSuf2fvUZXp095:vtTeqaz5t4OwoQqBEQqSO2f8RpY

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 32, D7, EF, FF, CC, CC, 00, 2E, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, 2E, 10, 00, 40, 36, 00, 00, C0, 2D, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, DE, 2F, 10, 00, 00, 36, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A0, 2F, 10, 00, 00, 00, 00, 00, 80, 2F, 10, 00, 00, 00, 00, 00, 60, 2F, 10, 00, 00, 00, 00, 00, 46, 2F, 10, 00, 00, 00, 00, 00, 28, 2F, 10, 00...
Driver
Display name:
WebcamMax, WDM Video Capture

Service name:
WCMVCAM

Type:
Kernel device driver (KernelDriver)


The file wcmvcam64.sys has been discovered within the following program.

WebcamMax by CoolwareMax
Publisher's description - “It enables you to add thousands of cool effects to webcam video for your live video chats or streaming, and new effects are keeping added. You can show to your friends with you wearing a pair of cat's eyes, becoming a two-heads weirdie or even in a wanted poster.”
client7.webcammax.net/client/?PID=WCM&&ACTION=?uninstall
38% remove it
 
Powered by Should I Remove It?