How to remove hwinfo64a.sys

» File
File Details
Overview
Analysis

hwinfo64a.sys

The module hwinfo64a.sys has been detected as Suspicious Object

hwinfo64a.sys

Remove hwinfo64a.sys

File Details

Main Info:

Product Name:	HWiNFO AMD64 Kernel Driver
Company Name:	REALiX(tm)
MD5:	bc2a060f09418d1c52aada2c961620a0
Size:	54 KB
First Published:	2018-04-18 16:04:39 (6 years ago)
Latest Published:	2018-09-17 19:09:37 (6 years ago)

Analysis:

Status:	Suspicious Object (on last analysis)
Analysis Date:	2018-09-17 19:09:37 (6 years ago)

Overview

Digital Signature

Signed By:	Martin Malik - REALiX
Status:	Valid

Common Places:

%temp%

%sysdrive%

File Names:

HWiNFO64A.SYS

hwinfo64a.sys

Geography:

	29.7%
	17.5%
	13.1%
	12.5%
	5.3%
	3.0%
	3.0%
	2.7%
	2.1%
	1.8%
	1.8%
	1.8%
	1.8%
	1.5%
	1.2%
	0.9%
	0.3%
	0.3%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x0000c064

PE Sections:

Name	Size of data	MD5
.text	32768	a615d892aa7513658c25d2538ee0f3e9
.rdata	1536	4dc63e70c51db1b0f4dca2ca94d71d18
.data	512	043c46095689123e1f5be96c109c2f46
.pdata	1024	116c0ceb85c7059d9ad636e5fb32be69
INIT	1536	6de74eb40f9dcfe895e3ed3175fcf778
.rsrc	1024	e1e649c4af58b763a695e6c7ec49cae5

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for hwinfo64a.sys

copyright for information about hwinfo64a.sys