How to remove GWfilt64.sys
- File Details
- Overview
- Analysis
GWfilt64.sys
The module GWfilt64.sys has been detected as Adware.BrowseFox
File Details
Company Name: |
|
MD5: |
b067dffda2fa1ce8d33b50c572d58699 |
Size: |
42 KB |
First Published: |
2017-05-21 16:04:39 (7 years ago) |
Latest Published: |
2019-03-26 00:05:28 (5 years ago) |
Status: |
Adware.BrowseFox (on last analysis) |
|
Analysis Date: |
2019-03-26 00:05:28 (5 years ago) |
Overview
%commonappdata%\40e4509d-93ba-4fdd-82c6-1f8445099ea3\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\55d1c1d8-68b7-4f45-a1d4-2e298f0fb658\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\a1975901-9fd6-4919-a258-61affebce12f\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\1d3c3e3d-cbc6-41ba-a870-d492a63261ef\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\386c81bc-09d4-4e8b-9032-f9765d160846\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\abe72e54-ee2f-427f-a0de-87efc4d403ba\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\92447115-c4ab-4d93-9732-459b4e170201\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\042d7438-f636-4cce-8e25-2fabf87b491a\dell\drivers\audio_driver_177vg_wn32_6.0.1.7989_a03\realtekhdaudio\win64 |
%commonappdata%\fea332a2-55bd-4aa8-9042-1caecb9a6344\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
%commonappdata%\67a9759a-a2f5-4293-ba3f-324192d42d0d\dell\drivers\audio_driver_7877m_wn32_6.0.1.7989_a04\realtekhdaudio\win64 |
|
52.6% |
|
|
15.8% |
|
|
10.5% |
|
|
5.3% |
|
|
5.3% |
|
|
5.3% |
|
|
5.3% |
|
Analysis
Subsystem: |
Native |
PE Type: |
pe |
OS Bitness: |
64 |
Image Base: |
0x0000000000010000 |
Entry Address: |
0x00005010 |
Name |
Size of data |
MD5 |
.text |
10240 |
1206364a00e2ee10c0e226fa048a5dae |
page |
3584 |
0e7cb72898d868fced45b84c0d6768d9 |
init |
512 |
aab762bcb8a0270950cc3b3a485de5ff |
.rdata |
7168 |
bda6b7fe8c7012e4b580037484920a6d |
.data |
1024 |
4ac3cb6c8ae2c43be793fe0eb89aef0a |
.pdata |
1536 |
077301235788431b2e9080e5c7c7ed22 |
.CRT |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
INIT |
1024 |
ebe15ee3b43f9061c75b0ed64e125263 |
.rsrc |
1024 |
6eed791978bd1d3f17cde527b2381a80 |
.reloc |
512 |
f24943dda330f8b2e5c8093f493675b5 |