How to remove $RI381J4.sys

» File
File Details
Overview
Analysis

$RI381J4.sys

The module $RI381J4.sys has been detected as Risk.RemoteAdmin

Remove $RI381J4.sys

File Details

Main Info:

Product Name:	UltraVnc miniport driver2
Company Name:	UVNC BVBA
MD5:	a906b08944ef1bec17ae306e9fdb35d0
Size:	12 KB
First Published:	2017-08-14 11:02:56 (7 years ago)
Latest Published:	2020-10-12 19:06:25 (4 years ago)

Analysis:

Status:	Risk.RemoteAdmin (on last analysis)
Analysis Date:	2020-10-12 19:06:25 (4 years ago)

Overview

Digital Signature

Signed By:	uvnc bvba
Status:	Valid

Common Places:

%system%\drivers

%system%\driverstore\filerepository\mv2.inf_amd64_neutral_33f6848fb0f6ad6d

%programfiles%\avanquest\systemsuite\mirrordrivers\vista64\driver

%programfiles%\avanquest\fix-it\mirrordrivers\vista64\driver

%programfiles%\positivo informática\positivo network manager\newvnc\driver\vista64\driver

%programfiles%\ultravnc\driver\driver

%localappdata%\avg netherlands bv\avg driver updater\backups\20160512t164332206750\mv_hook_display_driver2

%programfiles%\ultravnc\drivers\vista64\driver

%appdata%\dacom\anyhelp\host_kr\driver

%programfiles%\impcremote\uvnc\driver\vista64\driver

File Names:

mv2.sys

$RI381J4.sys

Geography:

United States	33.7%
Taiwan	17.7%
South Korea	12.2%
Italy	5.2%
France	4.5%
Germany	3.1%
Netherlands	2.8%
Japan	1.7%
Vietnam	1.7%
Canada	1.7%
Brazil	1.4%
Iran	1.4%
Russia	1.4%
Pakistan	1.0%
Croatia	1.0%
Spain	1.0%
Mexico	1.0%
Australia	0.7%
Thailand	0.7%
Czech Republic	0.7%
Hong Kong	0.7%
Slovenia	0.7%
Austria	0.7%
Malaysia	0.7%
China	0.7%
Turkey	0.3%
Israel	0.3%
Saudi Arabia	0.3%
Bosnia and Herzegovina	0.3%
Switzerland	0.3%

OS Version:

Windows 7	55.9%
Windows 10	36.1%
Windows Server 2008 R2	4.9%
Windows 8.1	2.1%
Windows XP	0.7%
Windows Server 2012 R2	0.3%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x00005008

PE Sections:

Name	Size of data	MD5
.text	512	82b341ddd90e3c50c69d8f7d435001ec
.rdata	512	6c9136f8773d5f1309e7a5b085b888d1
.data	512	043c46095689123e1f5be96c109c2f46
.pdata	512	a32fb8b8f58627cb6cff5eec9c191083
INIT	512	872500d433d47501bef27d892a4d5aaa
.rsrc	1024	5b776b12354b6e74d023d34d54856dc9

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RI381J4.sys

copyright for information about $RI381J4.sys

How to remove $RI381J4.sys

$RI381J4.sys

The module $RI381J4.sys has been detected as Risk.RemoteAdmin

File Details

Main Info:

UltraVnc miniport driver2

UVNC BVBA

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: