How to remove winmonfs.sys

winmonfs.sys

The module winmonfs.sys has been detected as Rootkit.Gen

winmonfs.sys
Remove winmonfs.sys

File Details

Product Name:

Windows (R) Win 7 DDK driver
Company Name:

Windows (R) Win 7 DDK provider
MD5: 0d3a8d67cd969c6e096b4d29e910dd9e
Size: 18 KB
First Published: 2018-03-02 18:04:03 (6 years ago)
Latest Published: 2022-08-22 23:38:18 (2 years ago)
Status: Rootkit.Gen (on last analysis)
Analysis Date: 2022-08-22 23:38:18 (2 years ago)

Overview

Signed By: WDKTestCert Admin,131480495282941941
Status: Valid

Common Places:

%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%
%system%

File Names:

WinmonFS.sys
winmonfs.sys
WinmonFS.sys.vir

Geography:

30.7%
17.7%
5.4%
4.4%
4.3%
4.0%
3.6%
3.3%
2.5%
2.0%
1.8%
1.6%
1.6%
1.5%
1.0%
0.8%
0.7%
0.7%
0.6%
0.6%
0.6%
0.5%
0.5%
0.5%
0.5%
0.5%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 7 90.7%
Windows 10 4.9%
Windows 8.1 2.1%
Windows 8 1.5%
Windows Vista 0.5%
Windows XP 0.1%
Windows Embedded Standard 0.1%
Windows Embedded 8.1 0.1%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000070ec

PE Sections:

Name Size of data MD5
.text 8704 cfc50a1eeeec579d33b3d816984b9404
.rdata 2048 42438ce394f2106795ad0912b3d6e415
.data 512 bf30a46ba52cfea06d234e66bc22cb6c
PAGE 512 f7265ef52ad826fbfc029a095881b67c
INIT 2048 6b8afeab5bcb017c58ffe953399f881e
.rsrc 1536 bed3820b626f72de789b03425e077c52
.reloc 512 46474f820ba97912cb36defa1ede7f32

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for winmonfs.sys
copyright for information about winmonfs.sys