How to remove nkrsok.sys
nkrsok.sys
The module nkrsok.sys has been detected as Rootkit.Agent
File Details
| Product Name: | Windows (R) Win 7 DDK driver |
| Company Name: | Windows (R) Win 7 DDK provider |
| MD5: | bd8b6cfbe0e32d1a69ec0479a1ca16fc |
| Size: | 118 KB |
| First Published: | 2017-05-26 22:06:57 (7 years ago) |
| Latest Published: | 2018-03-21 09:08:01 (6 years ago) |
| Status: | Rootkit.Agent (on last analysis) | |
| Analysis Date: | 2018-03-21 09:08:01 (6 years ago) |
Overview
| Signed By: | Shangrao Ruihai Information Technology Co., Ltd. |
| Status: | Valid |
Common Places:
| %system%\drivers |
| %system% |
File Names:
| wmtmkk.sys |
| nkrsok.sys |
| wlslmn.sys |
| wmtmio.sys |
| wpjpon.sys |
| nsmxom.sys |
| wztzon.sys |
| tgngpo.sys |
| tysymq.sys |
| nbiump.sys |
| wnhngp.sys |
| ttntlr.sys |
| nahvnk.sys |
| wdkdon.sys |
| noivlq.sys |
| trlrmp.sys |
| nelyok.sys |
| wfmfir.sys |
| thohlr.sys |
| nuowho.sys |
| noiyko.sys |
| ngnwgm.sys |
| tgngoo.sys |
| ntnxnn.sys |
| tvpvkr.sys |
| tztzqn.sys |
| trlrop.sys |
| nrlvnn.sys |
| ntnvkn.sys |
| nnhwgn.sys |
| tuouoo.sys |
| nvpsip.sys |
| nelwhm.sys |
| njqxpn.sys |
| nsmvgq.sys |
| nfmtpr.sys |
| nztskp.sys |
Geography:
| 73.2% | ||
| 17.1% | ||
| 4.9% | ||
| 2.4% | ||
| 2.4% |
OS Version:
| Windows 7 | 75.6% | |
| Windows 10 | 24.4% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000010000 |
| Entry Address: | 0x00021064 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 81408 | 4173e4d4e41cd5b359c98f132757f25e |
| .rdata | 5632 | ec3a9506898138f377f96588d9822790 |
| .data | 20992 | 191a6de95b45ef2ca12854402272e4a8 |
| .pdata | 2560 | b7999cce3df46356df407bba706822d0 |
| INIT | 3072 | 0762c59c6c483d88ffb0c9be10a22bc4 |
| .rsrc | 1024 | d54c778b9a3cc9413e44ecb8abcaf43b |
| .reloc | 512 | f9a4fadf4617feccab40990f0db8741a |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nkrsok.sys
