How to remove winmon.sys

» File
File Details
Overview
Analysis

winmon.sys

The module winmon.sys has been detected as Trojan.Rootkit

winmon.sys

Remove winmon.sys

File Details

Main Info:

MD5:	1dc9763edd29f9e5f36e728c4b17c0ab
Size:	9 KB
First Published:	2018-03-02 17:09:15 (6 years ago)
Latest Published:	2019-08-13 03:38:50 (4 years ago)

Analysis:

Status:	Trojan.Rootkit (on last analysis)
Analysis Date:	2019-08-13 03:38:50 (4 years ago)

Overview

Digital Signature

Signed By:	WDKTestCert Admin,131480495282941941
Status:	Valid

Common Places:

%system%

%system%

%system%

%system%

%system%

%system%

%system%

%sysdrive%\windows.old\users\никита\desktop\windows.old\windows\system32

File Names:

Winmon.sys

winmon.sys

Geography:

	17.8%
	15.1%
	12.3%
	11.0%
	8.2%
	4.1%
	4.1%
	2.7%
	2.7%
	2.7%
	2.7%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%

OS Version:

Windows 10	69.9%
Windows 7	26.0%
Windows 8.1	4.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00001184

PE Sections:

Name	Size of data	MD5
.text	2048	8e34d56c550f3a70da290fcb4ad9b85a
.rdata	1536	c1aab8761351ae82a304d59487a78a73
.data	512	75b13f23e7b388de282ef415dc2a7882
.pdata	512	545fb8c4dd033f0d8a1597d4319e85c7
.gfids	512	1cf2856b26691be80e10679aee1138e4
INIT	1024	f3296c00dfac57b2e4540284981f38d4
.reloc	512	83568d8d8a5c6b8fe8b2eb320bd03418

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for winmon.sys

copyright for information about winmon.sys