How to remove WinmonFS.sys#48F33254DF52062F

» File
File Details
Overview
Analysis

WinmonFS.sys#48F33254DF52062F

The module WinmonFS.sys#48F33254DF52062F has been detected as Rootkit.Gen

File Details

Main Info:

Product Name:	Windows (R) Win 7 DDK driver
Company Name:	Windows (R) Win 7 DDK provider
MD5:	c6100c067d1e619b730bf23ab4045b17
Size:	22 KB
First Published:	2018-03-02 15:10:01 (7 years ago)
Latest Published:	2024-05-04 23:02:10 (2 years ago)

Analysis:

Status:	Rootkit.Gen (on last analysis)
Analysis Date:	2024-05-04 23:02:10 (2 years ago)

Overview

Digital Signature

Signed By:	WDKTestCert Admin,131480495282941941
Status:	Valid

Common Places:

%system%

%sysdrive%\adwcleaner\quarantine\v1\20180621.042125

%sysdrive%\$windows.~bt\newos\windows\system32

%sysdrive%\tdsskiller_quarantine\12.07.2018_16.43.28\uds0003

%sysdrive%\tdsskiller_quarantine\25.07.2018_14.54.39\uds0003

%sysdrive%\tdsskiller_quarantine\12.07.2018_21.50.52\uds0003

%sysdrive%\tdsskiller_quarantine\09.08.2018_17.08.33\uds0003

%system%

File Names:

WinmonFS.sys

WinmonFS.sys#48F33254DF52062F

winmonfs.sys

tsk0000.dta

Geography:

	18.0%
	8.6%
	8.6%
	6.5%
	6.4%
	5.3%
	4.9%
	2.6%
	2.5%
	2.5%
	1.7%
	1.4%
	1.4%
	1.3%
	1.3%
	1.3%
	1.2%
	1.0%
	0.9%
	0.9%
	0.9%
	0.8%
	0.8%
	0.8%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.6%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	52.9%
Windows 10	40.7%
Windows 8.1	6.0%
Windows 8	0.2%
Windows Vista	0.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00009128

PE Sections:

Name	Size of data	MD5
.text	10752	e8e27533b4b84fc772f6a2d727b387d5
.rdata	3072	a22f6e79450f8ee300fb276b66385190
.data	512	faaef9cd90101840434e88223aaa01c4
.pdata	1024	e6bb0cf62c3b78e1d11854070b3e0c8c
.gfids	512	1cf2856b26691be80e10679aee1138e4
PAGE	512	96e828d8f66c13044c4046b393963ee5
INIT	2048	ae63a9cc3c374a2febb2bef530f39a0f
.rsrc	1536	36bc2500c1cca9ba07ed4b8eaf759772
.reloc	512	bf99da37e3aed196fcad38971f5e1d61

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WinmonFS.sys#48F33254DF52062F

copyright for information about WinmonFS.sys#48F33254DF52062F

How to remove WinmonFS.sys#48F33254DF52062F

WinmonFS.sys#48F33254DF52062F

The module WinmonFS.sys#48F33254DF52062F has been detected as Rootkit.Gen

File Details

Main Info:

Windows (R) Win 7 DDK driver

Windows (R) Win 7 DDK provider

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: