How to remove Winmon.sys#A4CEEBE921574AC8

» File
File Details
Overview
Analysis

Winmon.sys#A4CEEBE921574AC8

The module Winmon.sys#A4CEEBE921574AC8 has been detected as Rootkit.Gen

Winmon.sys#A4CEEBE921574AC8

Remove Winmon.sys#A4CEEBE92

File Details

Main Info:

MD5:	69989105f151015c16a2f422f5722590
Size:	9 KB
First Published:	2018-03-02 15:10:01 (7 years ago)
Latest Published:	2024-08-15 23:07:42 (a year ago)

Analysis:

Status:	Rootkit.Gen (on last analysis)
Analysis Date:	2024-08-15 23:07:42 (a year ago)

Overview

Digital Signature

Signed By:	WDKTestCert Admin,131480495282941941
Status:	Valid

Common Places:

%system%

%sysdrive%\adwcleaner\quarantine\v1\20180621.042125

%sysdrive%\$windows.~bt\newos\windows\system32

%sysdrive%\tdsskiller_quarantine\25.07.2018_14.54.39\uds0002

%sysdrive%\tdsskiller_quarantine\12.07.2018_21.50.52\uds0002

%sysdrive%\tdsskiller_quarantine\09.08.2018_17.08.33\uds0002

%sysdrive%\tdsskiller_quarantine\12.07.2018_16.43.28\uds0002

%sysdrive%\adwcleaner\quarantine

%system%

%system%

File Names:

Winmon.sys

Winmon.sys#A4CEEBE921574AC8

winmon.sys

tsk0000.dta

Geography:

	18.9%
	8.6%
	8.4%
	6.5%
	6.2%
	5.8%
	4.8%
	2.9%
	2.4%
	2.4%
	2.0%
	1.6%
	1.5%
	1.3%
	1.2%
	1.2%
	1.0%
	0.9%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%
	0.7%
	0.7%
	0.7%
	0.6%
	0.6%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	52.9%
Windows 10	40.5%
Windows 8.1	6.3%
Windows 8	0.2%
Windows Vista	0.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00001184

PE Sections:

Name	Size of data	MD5
.text	2048	3ddb707008f4b75000fb6f46a4322a7c
.rdata	1536	82dd29b0a443f2333a8eae26cb7582fc
.data	512	75b13f23e7b388de282ef415dc2a7882
.pdata	512	665d490523f7aa24b4ce195dc1f2a444
.gfids	512	1cf2856b26691be80e10679aee1138e4
INIT	1024	f3296c00dfac57b2e4540284981f38d4
.reloc	512	83568d8d8a5c6b8fe8b2eb320bd03418

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for Winmon.sys#A4CEEBE921574AC8

copyright for information about Winmon.sys#A4CEEBE921574AC8