How to remove WinmonFS.sys#48F33254DF52062F

WinmonFS.sys#48F33254DF52062F

The module WinmonFS.sys#48F33254DF52062F has been detected as Rootkit.Gen

WinmonFS.sys#48F33254DF52062F
Remove WinmonFS.sys#48F3325

File Details

Product Name:

Windows (R) Win 7 DDK driver
Company Name:

Windows (R) Win 7 DDK provider
MD5: c6100c067d1e619b730bf23ab4045b17
Size: 22 KB
First Published: 2018-03-02 15:10:01 (7 years ago)
Latest Published: 2024-05-04 23:02:10 (a year ago)
Status: Rootkit.Gen (on last analysis)
Analysis Date: 2024-05-04 23:02:10 (a year ago)

Overview

Signed By: WDKTestCert Admin,131480495282941941
Status: Valid

Common Places:

%system%
%sysdrive%\adwcleaner\quarantine\v1\20180621.042125
%sysdrive%\$windows.~bt\newos\windows\system32
%sysdrive%\tdsskiller_quarantine\12.07.2018_16.43.28\uds0003
%sysdrive%\tdsskiller_quarantine\25.07.2018_14.54.39\uds0003
%sysdrive%\tdsskiller_quarantine\12.07.2018_21.50.52\uds0003
%sysdrive%\tdsskiller_quarantine\09.08.2018_17.08.33\uds0003
%system%
%system%
%system%

File Names:

WinmonFS.sys
WinmonFS.sys#48F33254DF52062F
winmonfs.sys
tsk0000.dta

Geography:

18.0%
8.6%
8.6%
6.5%
6.4%
5.3%
4.9%
2.6%
2.5%
2.5%
1.7%
1.4%
1.4%
1.3%
1.3%
1.3%
1.2%
1.0%
0.9%
0.9%
0.9%
0.8%
0.8%
0.8%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.6%
0.5%
0.5%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 7 52.9%
Windows 10 40.7%
Windows 8.1 6.0%
Windows 8 0.2%
Windows Vista 0.1%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00009128

PE Sections:

Name Size of data MD5
.text 10752 e8e27533b4b84fc772f6a2d727b387d5
.rdata 3072 a22f6e79450f8ee300fb276b66385190
.data 512 faaef9cd90101840434e88223aaa01c4
.pdata 1024 e6bb0cf62c3b78e1d11854070b3e0c8c
.gfids 512 1cf2856b26691be80e10679aee1138e4
PAGE 512 96e828d8f66c13044c4046b393963ee5
INIT 2048 ae63a9cc3c374a2febb2bef530f39a0f
.rsrc 1536 36bc2500c1cca9ba07ed4b8eaf759772
.reloc 512 bf99da37e3aed196fcad38971f5e1d61

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for WinmonFS.sys#48F33254DF52062F
copyright for information about WinmonFS.sys#48F33254DF52062F