How to remove RNG.sys
RNG.sys
The module RNG.sys has been detected as Trojan.Gen
File Details
| MD5: | dad20e4603919391341db0d925c901db |
| Size: | 11 KB |
| First Published: | 2018-08-31 13:14:37 (7 years ago) |
| Latest Published: | 2025-08-28 23:01:37 (a month ago) |
| Status: | Trojan.Gen (on last analysis) | |
| Analysis Date: | 2025-08-28 23:01:37 (a month ago) |
Overview
| Signed By: | Xtreaming Technology Inc. |
| Status: | Valid |
Common Places:
| %sysdrive% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %system% |
| %windir% |
File Names:
| Driver.sys |
| RNG.sys |
| lege.sys |
Geography:
| 14.9% | ||
| 14.9% | ||
| 5.3% | ||
| 5.3% | ||
| 5.3% | ||
| 5.3% | ||
| 4.4% | ||
| 4.4% | ||
| 3.5% | ||
| 3.5% | ||
| 3.5% | ||
| 2.6% | ||
| 2.6% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 1.8% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% | ||
| 0.9% |
OS Version:
| Windows 10 | 83.5% | |
| Windows 7 | 15.0% | |
| Windows 8.1 | 1.6% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00001184 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 2048 | 52fe264b6e7c7d2108f7b24e88e0ea77 |
| .rdata | 1536 | 186386c253168aab5a0b4b10b72ed105 |
| .data | 512 | 0e1f28d99cd9340051c616e7cdeb1e79 |
| .pdata | 512 | ab6aa75628165be655095516ecd1258c |
| .gfids | 512 | 1cf2856b26691be80e10679aee1138e4 |
| INIT | 1024 | 060638d5bfb0689d1f0b83ce388d14ab |
| .reloc | 512 | 7eb4a2bcce2a13af648ff2e4709bd98e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for RNG.sys
