How to remove WinDivert64.sys
WinDivert64.sys
The module WinDivert64.sys has been detected as a Suspicious Object.
File Details
| Product Name: | |
| Company Name: | |
| MD5: | 007a3ae3f03fb18c2cab1e0c97c45a20 |
| Size: | 49 KB |
| First Published: | 2020-05-26 18:59:31 (5 years ago) |
| Latest Published: | 2022-07-30 23:17:33 (3 years ago) |
| Status: | Suspicious Object (on last analysis) |
| Analysis Date: | 2022-07-30 23:17:33 (3 years ago) |
Overview
| %windir%\kms |
| %desktop% |
| %sysdrive%\$recycle.bin\s-1-5-21-2512283489-472840666-2348427776-1002 |
| %desktop% |
| %profile%\downloads |
| %desktop%\goldwave v6.36 portable\goodbyedpi-0.1.5 |
| %sysdrive%\@torrent\util\goodbyedpi |
| %windir%\kms |
| %appdata% |
| %sysdrive%\netflix |
| 44.0% | 26.0% | 8.0% | 8.0% | 4.0% | 2.0% | 2.0% | 2.0% | 2.0% | 2.0% |
| Windows 10 | 54.7% |
| Windows 7 | 45.3% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000010000 |
| Entry Address: | 0x000053e4 |
| Name | Size of data | MD5 |
| --- | --- | --- |
| .text | 18944 | 08416ea90127b15cca51c913298fc9fa |
| .rdata | 5632 | 09b121ed1aa193821bf1386cf8888419 |
| .data | 1536 | 8d1a221b1a6fec7c92f514e47a2c5817 |
| .pdata | 1024 | 569cc48b7887b64d6f9e1cca1e10780b |
| INIT | 2048 | 1aa74637fac7ef992d43f426be2cecf7 |
| .rsrc | 1536 | e7aee13746ca1e8ebec27272a3256d05 |
| .reloc | 512 | e1651536ab9172b98ae059e4c0bf9da4 |