How to remove winmon.sys
winmon.sys
The module winmon.sys has been detected as Rootkit.Gen
File Details
| MD5: | 4ef0c39e632279d7b3672d2efc071e5b |
| Size: | 7 KB |
| First Published: | 2018-03-02 18:04:03 (7 years ago) |
| Latest Published: | 2022-08-22 23:36:39 (2 years ago) |
| Status: | Rootkit.Gen (on last analysis) | |
| Analysis Date: | 2022-08-22 23:36:39 (2 years ago) |
Overview
| Signed By: | WDKTestCert Admin,131480495282941941 |
| Status: | Valid |
Common Places:
| %system% |
| %sysdrive%\adwcleaner\quarantine |
| %sysdrive%\windows.old\windows\system32 |
| %system% |
| %system% |
| %system% |
| %system% |
| %system% |
| %system% |
| %system% |
File Names:
| Winmon.sys |
| winmon.sys |
| Winmon.sys.vir |
Geography:
| Vietnam | 29.6% | |
| Indonesia | 18.0% | |
| Turkey | 5.6% | |
| India | 4.4% | |
| Thailand | 4.1% | |
| China | 4.0% | |
| Russia | 3.8% | |
| Iran | 3.2% | |
| Brazil | 2.3% | |
| Mexico | 2.3% | |
| Myanmar | 1.9% | |
| Egypt | 1.9% | |
| Morocco | 1.6% | |
| Algeria | 1.5% | |
| Sweden | 1.1% | |
| Colombia | 1.0% | |
| Ukraine | 0.9% | |
| Venezuela | 0.8% | |
| Philippines | 0.8% | |
| Czech Republic | 0.7% | |
| Taiwan | 0.7% | |
| Poland | 0.6% | |
| South Korea | 0.6% | |
| Belarus | 0.5% | |
| United States | 0.5% | |
| Romania | 0.5% | |
| Bangladesh | 0.4% | |
| Pakistan | 0.4% | |
| Serbia | 0.3% | |
| Sudan | 0.3% | |
| Italy | 0.3% | |
| Argentina | 0.3% | |
| Malaysia | 0.3% | |
| Bulgaria | 0.3% | |
| Chile | 0.3% | |
| Azerbaijan | 0.2% | |
| Slovenia | 0.2% | |
| Spain | 0.2% | |
| Hong Kong | 0.2% | |
| Ecuador | 0.2% | |
| Zambia | 0.2% | |
| Lithuania | 0.2% | |
| Greece | 0.2% | |
| Sri Lanka | 0.2% | |
| Honduras | 0.2% | |
| Iraq | 0.2% | |
| Portugal | 0.2% | |
| Nepal | 0.2% | |
| Qatar | 0.2% | |
| Australia | 0.1% | |
| Bosnia and Herzegovina | 0.1% | |
| Moldova | 0.1% | |
| Uruguay | 0.1% | |
| Laos | 0.1% | |
| France | 0.1% | |
| Kazakhstan | 0.1% | |
| Tunisia | 0.1% | |
| Kyrgyzstan | 0.1% | |
| United Kingdom | 0.1% | |
| Oman | 0.1% | |
| Saudi Arabia | 0.1% | |
| Singapore | 0.1% | |
| Peru | 0.1% | |
| Puerto Rico | 0.1% | |
| Panama | 0.1% | |
| Dominican Republic | 0.1% | |
| Japan | 0.1% | |
| Costa Rica | 0.1% |
OS Version:
| Windows 7 | 89.9% | |
| Windows 10 | 5.0% | |
| Windows 8.1 | 2.7% | |
| Windows 8 | 1.4% | |
| Windows Vista | 0.5% | |
| Windows XP | 0.3% | |
| Windows Embedded Standard | 0.1% | |
| Windows Embedded 8.1 | 0.1% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0000111d |
PE Sections:
| Name | Size of data | MD5 |
| .text | 1536 | 326eae7d5584b60149e9391fc04f14c2 |
| .rdata | 1024 | 3338c2a7d22f63a8ccc0cc21fbebabc5 |
| .data | 512 | 46cd298894d9eb66816b2aea692a7004 |
| INIT | 1024 | 3662c3da78ac31688f46c6c77f749b8e |
| .reloc | 512 | 0156716d157a614266a27cbbef63e9c8 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for winmon.sys
