How to remove winmonprocessmonitor.sys
- File Details
- Overview
- Analysis
winmonprocessmonitor.sys
The module winmonprocessmonitor.sys has been detected as Rootkit.Gen
File Details
| MD5: |
290389e59ca9fe99ce1779f41f26d645 |
| Size: |
35 KB |
| First Published: |
2018-04-04 14:13:19 (7 years ago) |
| Latest Published: |
2022-05-05 23:48:26 (3 years ago) |
| Status: |
Rootkit.Gen (on last analysis) |
|
| Analysis Date: |
2022-05-05 23:48:26 (3 years ago) |
Overview
| %system% |
| %sysdrive%\adwcleaner\quarantine\v1\20180626.200429 |
| %sysdrive%\tdsskiller_quarantine\12.07.2018_21.50.52\uds0004 |
| %sysdrive%\tdsskiller_quarantine\25.07.2018_14.54.39\uds0004 |
| %sysdrive%\tdsskiller_quarantine\12.07.2018_16.43.28\uds0004 |
| %sysdrive%\tdsskiller_quarantine\09.08.2018_17.08.33\uds0004 |
| %sysdrive%\adwcleaner\quarantine\v1\20181015.194250 |
| %sysdrive%\adwcleaner\quarantine\v1\20181015.155043 |
| %system% |
| %system% |
| WinmonProcessMonitor.sys |
| winmonprocessmonitor.sys |
| WinmonProcessMonitor.sys#50B8293A3F329DF3 |
| trzF4D3.tmp |
| tsk0000.dta |
|
14.7% |
|
|
10.5% |
|
|
7.8% |
|
|
7.4% |
|
|
7.4% |
|
|
5.3% |
|
|
3.0% |
|
|
2.9% |
|
|
2.9% |
|
|
2.8% |
|
|
1.7% |
|
|
1.6% |
|
|
1.6% |
|
|
1.4% |
|
|
1.4% |
|
|
1.3% |
|
|
1.2% |
|
|
1.2% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 7 |
51.4% |
|
| Windows 10 |
42.5% |
|
| Windows 8.1 |
5.8% |
|
| Windows 8 |
0.2% |
|
| Windows Vista |
0.1% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00001184 |
| Name |
Size of data |
MD5 |
| .text |
2048 |
6ef3b13d932fe4a552b4dc159e640ccc |
| .rdata |
27648 |
f2092c97d1bf0a7c0ca90f64c527e381 |
| .data |
512 |
107e635ebe745f574deec4bc90fa5348 |
| .pdata |
512 |
634d1a32cb08ce34cb5570231c995e40 |
| INIT |
1024 |
25fc9a0072663960d841e1f2de08bddd |
| .reloc |
1536 |
cb0adfc75404fa56ac0fd22f7aa4aec9 |
