How to remove mtpHelper_x64.sys

» File
File Details
Overview
Analysis

mtpHelper_x64.sys

The module mtpHelper_x64.sys has been detected as Rootkit.Gen

mtpHelper_x64.sys

Remove mtpHelper_x64.sys

File Details

Main Info:

MD5:	9aa10a124ddac161933dd2e604b197ed
Size:	12 KB
First Published:	2020-11-12 16:22:17 (5 years ago)
Latest Published:	2025-03-02 23:05:45 (10 months ago)

Analysis:

Status:	Rootkit.Gen (on last analysis)
Analysis Date:	2025-03-02 23:05:45 (10 months ago)

Overview

Digital Signature

Signed By:	上海域联软件技术有限公司
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%profile%\downloads\wimbuilder2-full.v2020-06-06.7z\projects\win10xpe\01-components

%system%

%system%

Geography:

	33.3%
	33.3%
	33.3%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00005000

PE Sections:

Name	Size of data	MD5
.text	2560	917f762488a0d6580e9dfde1843a7f16
.rdata	1536	4b47a4149d4c58b2cbe555552ef24dab
.data	512	ee8e428290ec42160c5e2a30f80215a5
.pdata	512	02953fd2cfac3a7bc546b00f348c215b
INIT	1024	b9ef0d7f142e723763fa4cd8f12d0e09
.reloc	512	336caa986135812ffa20b842886cdd94

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for mtpHelper_x64.sys

copyright for information about mtpHelper_x64.sys