How to remove WinDivert.sys

» File
File Details
Overview
Analysis

WinDivert.sys

The module WinDivert.sys has been detected as Adware.DNSKeep (Heuristic)

Remove WinDivert.sys

File Details

Main Info:

Product Name:	WinDivert driver
Company Name:	Basil Projects
MD5:	a0d15d8727d0780c51628df46b7268b3
Size:	34 KB
First Published:	2017-05-24 20:03:03 (8 years ago)
Latest Published:	2022-03-18 23:08:20 (3 years ago)

Analysis:

Status:	Adware.DNSKeep (Heuristic) (on last analysis)
Analysis Date:	2022-03-18 23:08:20 (3 years ago)

Overview

Digital Signature

Signed By:	Nemea Mjukvaruutveckling AB
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%commonappdata%\kmsautos\bin\driver\x64wdv

%programfiles%\kmspico

%localappdata%\temp

%temp%

%programfiles%

%commonappdata%\kmsauto\bin\driver

%programfiles%

%profile%\downloads\kmspico 10.1.8 final + portable (office and windows 10 activator) [techtools]\kmspico 10.1.8 final + portable (office and windows 10 activator) [techtools.net]

Geography:

	54.4%
	5.1%
	3.2%
	2.5%
	2.5%
	2.5%
	1.9%
	1.9%
	1.9%
	1.9%
	1.9%
	1.9%
	1.3%
	1.3%
	1.3%
	1.3%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%

OS Version:

Windows 10	96.3%
Windows 8.1	3.7%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x000045d4

PE Sections:

Name	Size of data	MD5
.text	15360	93d92e7d6043dfd9c02e17232473c6ef
.rdata	5632	01901408b8f809b5d4b8f08b229b5814
.data	1024	f5c27b7e9b8ab1a5ed4df48e551a32ea
.pdata	512	ef7197c82175ff5c22286c052e23c432
INIT	2048	cb586c3abdacaa7462beeefca02b49bc
.rsrc	1024	067df7de8dca2604b96da9e927fb485f
.reloc	512	91653462770c7d169dc7c4d31c8d13d7

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WinDivert.sys

copyright for information about WinDivert.sys