How to remove $RKZC621.sys

» File
File Details
Overview
Analysis

$RKZC621.sys

The module $RKZC621.sys has been detected as Rootkit.Gen

$RKZC621.sys

Remove $RKZC621.sys

File Details

Main Info:

MD5:	622fd523a87cb55be0b676a70c64e8f8
Size:	27 KB
First Published:	2018-04-04 07:03:40 (7 years ago)
Latest Published:	2022-04-26 23:09:45 (3 years ago)

Analysis:

Status:	Rootkit.Gen (on last analysis)
Analysis Date:	2022-04-26 23:09:45 (3 years ago)

Overview

Digital Signature

Signed By:	WDKTestCert Admin,131666266076831434
Status:	Valid

Common Places:

%system%

%sysdrive%\adwcleaner\quarantine

%sysdrive%\$recycle.bin

%sysdrive%\windows.old\windows\system32

%system%

%system%

%system%

%system%

%system%

%system%

File Names:

WinmonProcessMonitor.sys

$RKZC621.sys

$R8BGZNJ.sys

winmonprocessmonitor.sys

Geography:

	23.0%
	17.0%
	5.8%
	5.7%
	5.1%
	4.9%
	3.3%
	3.1%
	3.1%
	2.6%
	2.4%
	2.0%
	1.6%
	1.5%
	1.3%
	1.3%
	0.9%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%

OS Version:

Windows 7	85.6%
Windows 10	9.3%
Windows 8.1	2.3%
Windows 8	2.1%
Windows Vista	0.4%
Windows Embedded Standard	0.2%
Windows Embedded 8.1	0.2%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0000111d

PE Sections:

Name	Size of data	MD5
.text	1536	6f22321e800ec345fe31e312d007c06c
.rdata	20992	ad0cdd052986b02cdc55dd38ce7e03fe
.data	512	a6f0bc000be7e9d2ff0e4ab36b46280e
INIT	1024	42b7ea053ecc7598b66f36d2b7f020bf
.reloc	1536	2c043bee613dfc77ef2025fbd74af540

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RKZC621.sys

copyright for information about $RKZC621.sys