How to remove winmon.sys

» File
File Details
Overview
Analysis

winmon.sys

The module winmon.sys has been detected as Rootkit.Gen

winmon.sys

Remove winmon.sys

File Details

Main Info:

MD5:	4ef0c39e632279d7b3672d2efc071e5b
Size:	7 KB
First Published:	2018-03-02 18:04:03 (7 years ago)
Latest Published:	2022-08-22 23:36:39 (2 years ago)

Analysis:

Status:	Rootkit.Gen (on last analysis)
Analysis Date:	2022-08-22 23:36:39 (2 years ago)

Overview

Digital Signature

Signed By:	WDKTestCert Admin,131480495282941941
Status:	Valid

Common Places:

%system%

%sysdrive%\adwcleaner\quarantine

%sysdrive%\windows.old\windows\system32

%system%

%system%

%system%

%system%

%system%

%system%

%system%

File Names:

Winmon.sys

winmon.sys

Winmon.sys.vir

Geography:

	29.6%
	18.0%
	5.6%
	4.4%
	4.1%
	4.0%
	3.8%
	3.2%
	2.3%
	2.3%
	1.9%
	1.9%
	1.6%
	1.5%
	1.1%
	1.0%
	0.9%
	0.8%
	0.8%
	0.7%
	0.7%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	89.9%
Windows 10	5.0%
Windows 8.1	2.7%
Windows 8	1.4%
Windows Vista	0.5%
Windows XP	0.3%
Windows Embedded Standard	0.1%
Windows Embedded 8.1	0.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0000111d

PE Sections:

Name	Size of data	MD5
.text	1536	326eae7d5584b60149e9391fc04f14c2
.rdata	1024	3338c2a7d22f63a8ccc0cc21fbebabc5
.data	512	46cd298894d9eb66816b2aea692a7004
INIT	1024	3662c3da78ac31688f46c6c77f749b8e
.reloc	512	0156716d157a614266a27cbbef63e9c8

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for winmon.sys

copyright for information about winmon.sys