How to remove sysmon.exe
sysmon.exe
The module sysmon.exe has been detected as PUP.Systweak
File Details
| Product Name: | SysMon |
| MD5: | 9a06b3201a1f3233ad284235851c736b |
| Size: | 2 MB |
| First Published: | 2017-08-31 20:14:40 (7 years ago) |
| Latest Published: | 2018-04-29 20:13:01 (7 years ago) |
| Status: | PUP.Systweak (on last analysis) | |
| Analysis Date: | 2018-04-29 20:13:01 (7 years ago) |
Overview
| Signed By: | TUNEUP PRO SOFTWARE SERVICES LLP |
| Status: | Valid |
Common Places:
| %appdata%\sysmon |
| %appdata% |
| %sysdrive%\$recycle.bin\s-1-5-21-3058644238-464852132-2500278141-1000\$r9pg8yy\backup set 2017-09-18 122223\backup files 2017-09-18 122223\backup files 1.zip\c\users\777\appdata\roaming |
Geography:
| South Korea | 15.0% | |
| Bulgaria | 15.0% | |
| Ukraine | 15.0% | |
| Indonesia | 10.0% | |
| Japan | 10.0% | |
| Brazil | 5.0% | |
| United States | 5.0% | |
| United Kingdom | 5.0% | |
| Swaziland | 5.0% | |
| China | 5.0% | |
| Egypt | 5.0% | |
| Taiwan | 5.0% |
OS Version:
| Windows 7 | 55.0% | |
| Windows 10 | 40.0% | |
| Windows 8.1 | 5.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0011ad01 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 1766400 | 759094825865770c1c5c82897e3776f2 |
| .rdata | 320512 | fd145f0e950d69cadebd7fe91db9182a |
| .data | 25088 | 7771743387fb0abef5fa6cc3f5c8f9c1 |
| .rsrc | 798720 | 35dd71983987415a2d951195f13e6668 |
| .reloc | 179712 | ec48ba47817cfb0c039ae7f9cf279438 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for sysmon.exe
