How to remove xmarin.sys
xmarin.sys
The module xmarin.sys has been detected as Adware.NetFilter
File Details
| Product Name: | Windows (R) Win 7 DDK driver |
| Company Name: | Windows (R) Win 7 DDK provider |
| MD5: | 1449f109160cced4c507147ac549891b |
| Size: | 53 KB |
| First Published: | 2017-05-21 07:09:13 (7 years ago) |
| Latest Published: | 2020-08-31 13:29:47 (4 years ago) |
| Status: | Adware.NetFilter (on last analysis) | |
| Analysis Date: | 2020-08-31 13:29:47 (4 years ago) |
Overview
| Signed By: | OOO "Stroy Info Tehno" |
| Status: | Valid |
Common Places:
| %system%\drivers |
| %system% |
| %sysdrive%\windows.old\cleanup\0001.~bt\newos\windows\system32 |
| %sysdrive%\$windows.~bt\newos\windows\system32 |
| %sysdrive%\windows.old\cleanup\0000.~bt\newos\windows\system32 |
| %sysdrive%\adwcleaner\quarantine |
| %sysdrive%\$recycle.bin |
| %sysdrive%\system volume information\systemrestore\frstaging\windows\system32 |
| %system% |
| %system% |
File Names:
| Mp03bNk34DGe.sys |
| xmarin.sys |
| unityp.sys |
| bh05EHPv0G0a.sys |
| or3Nrzr779Xj.sys |
| TF5hsQ80fLGH.sys |
| fRImR0viTZOr.sys |
| TpQVSLPIfQ1A.sys |
| xpon.sys |
| OZfZQvTEsaKV.sys |
| packagest.sys |
| geckof.sys |
| pVxMCITSBEVu.sys |
| 2slxsRiMppq8.sys |
| 7XygjC4838lq.sys |
| brJM3hsJ6pJf.sys |
| L2s4xm2EEo3f.sys |
| ExLu67bJgRsl.sys |
| monotype.sys |
| TU25lMY7f5gt.sys |
| xHam79uaBd7K.sys |
| umXtsOAzwclE.sys |
| 24MDWCPMSxV0.sys |
| Nrmcl6gHmo9C.sys |
| wt6QdQqPCSbw.sys |
| Nk0FlBAmauCi.sys |
| rAJQOTRbNUM8.sys |
| j6W8jdx6fHd0.sys |
| 86SZ4onFYsxb.sys |
| YC0XirNZZb1Q.sys |
| EwmSAaCKlsoB.sys |
| JEmEYZd5vksr.sys |
| zfo1oyvSLVD7.sys |
| FUzg5E9EUW3k.sys |
| SmyhAfX05N5z.sys |
| hCLr5sbR3jH3.sys |
| C2Mq7RDwdB2c.sys |
| jMVDiu4tFAUO.sys |
| yBNzPYX0yDqg.sys |
| H5la8f54CbfW.sys |
| RsSMZ1voIhiH.sys |
| N5m4Xl8a9AEu.sys |
| 0IOImldpj5Gg.sys |
| TxDjHF8Eelmz.sys |
| 1MKbW52VXwzy.sys |
| 2RjzTT4bsXiD.sys |
| wDvCbfHzScuj.sys |
| ejPOBmNbEtV0.sys |
| xd4I9QhBmkKU.sys |
| IpZencevmVVt.sys |
| guCJaAOQiInv.sys |
| tEPdiWIzIOoQ.sys |
| 8LGztGBfjbkB.sys |
| 4pmiTyzMfSEw.sys |
| xFQCigwwtL7d.sys |
| wMkAHPJUka4K.sys |
| E8OrMPJfoFjQ.sys |
| cmUd6Mtkzj7u.sys |
| xS1PyIPH1bli.sys |
| XW4g27GoPcqi.sys |
| CtpSbRSPHmb7.sys |
| 0rLEDXu3uQEg.sys |
| oU41HGEJa0lE.sys |
| I9SmGr6DJhci.sys |
| t7xB2MmTgT38.sys |
| UinkWwoRuosi.sys |
| CLlfH3r9zaSP.sys |
| SsylIrTNarNQ.sys |
| pfhVjZT8mRxi.sys |
| ah30VmOQguV9.sys |
| WZpRiN6p59QA.sys |
| 9zI46ihbCcxC.sys |
| aUPWc2HInnf7.sys |
| RQXnBSJSAiGd.sys |
| ljLP7ESt9CVe.sys |
| Ac78dMizrcqh.sys |
| m5tMYBBD7nqg.sys |
| N38RwBolvUpI.sys |
| iKMkTH4aPpVk.sys |
| nfsNycJfwHHj.sys |
| yrGu2Y6FvTWS.sys |
| IOyYNO2dhWv6.sys |
| adr9xYxQsDWs.sys |
| rsbymhnLh5Iu.sys |
| JZwqMbCQ3Q7y.sys |
| WjX4rDk8lAI2.sys |
| zDJfOia1GHs2.sys |
| iNQtTvqds20n.sys |
| ZnEOH0bAANbQ.sys |
| UJiBE7hWjuCL.sys |
| qofKjTFgrHOY.sys |
| GAbCoqbLGHkX.sys |
| 8U3obSR5OD6Y.sys |
| oJzpNVirYQSd.sys |
| LU0unc6afhGw.sys |
| 5HupAm1poiQj.sys |
| etlwHtcgz4mp.sys |
| plY6WBv4VphD.sys |
| oZ2fKxAXqAGU.sys |
| 8ikvI2qrAUSl.sys |
| CisdAZ2VO0VB.sys |
| QZ7k01SnG542.sys |
| 4nZrnIfkr0VK.sys |
| bUFOIEbMZU2o.sys |
| qBruib9UyCtP.sys |
| 5uKBlZYd4CCg.sys |
| pMBjnK5QRPUc.sys |
| WHM8S2HvK8sD.sys |
| s8OcMEwhjbrn.sys |
| rmuYPDMZS5TI.sys |
| a0yLfnOM5ZcK.sys |
| zB9TxVYRfliM.sys |
| HBhKVrBiBwWK.sys |
| nDTKVXPuyiXJ.sys |
| 31HzizCoUzFp.sys |
| ffROOfoaC3aI.sys |
| 69PF7payA8OL.sys |
| OVbiDQqGrfeb.sys |
| TO41WNdRojML.sys |
| $RO1AGRL.sys |
| 62GuBurC1MtQ.sys |
| zddsOtAWabGG.sys |
| Xi62tguFfCbq.sys |
| 1Mex6nFec0Gv.sys |
| zNPRDTPbklCU.sys |
| piQbK39JkeEl.sys |
| packagest(278).sys |
| DGEFqk04huhe.sys |
| nz72NwRp17Hi.sys |
| Ya7eQsnCc6C1.sys |
| 4hBW2s8RAq9f.sys |
| QkQfAhYMX7JC.sys |
| LC4zrCWtJ8bs.sys |
| sHpviwOhzXZP.sys |
| 4gxywjrGO89A.sys |
| KKfJ38Ibfwkn.sys |
| AT8lhFl7Dwk6.sys |
| Gkk0qh7rYwqL.sys |
| 4pZRG9HquSFu.sys |
| 1QQYw2DpHTnB.sys |
| gfg1AmjO2sO4.sys |
| m6ka3CGeTBtp.sys |
| KVHefxZLJ1PP.sys |
| cwuQSiBDg8Kt.sys |
| CTXzXld0tTX9.sys |
| Peu3C0wvoSEA.sys |
| Dm1I0WGsPl32.sys |
| Pn5r14OZDudY.sys |
| ajP3WpN3IKIJ.sys |
| k84Iv1rXv4Aw.sys |
| h22qVvq4l8OU.sys |
| Lj9adyoxNVBG.sys |
| $RVDZNOG.sys |
| zMQsmXwCmW7V.sys |
| h75T0q0MVnZu.sys |
| 5BhTuHE6J1HQ.sys |
| 07YUyPVvdqfD.sys |
| ZEPVZp7uzJds.sys |
| 9y7Ih0bsri2w.sys |
Geography:
| 45.2% | ||
| 26.6% | ||
| 3.4% | ||
| 2.5% | ||
| 2.1% | ||
| 1.6% | ||
| 1.3% | ||
| 1.2% | ||
| 1.0% | ||
| 0.9% | ||
| 0.8% | ||
| 0.8% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% |
OS Version:
| Windows 10 | 78.9% | |
| Windows 7 | 9.2% | |
| Windows 8.1 | 8.7% | |
| Windows 8 | 3.1% | |
| Windows Embedded 8.1 | 0.2% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000010000 |
| Entry Address: | 0x0000e064 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 39936 | 7bffa65de9c0b6057399c830c8f7f05f |
| .rdata | 2560 | 770f0dbf1c0c3541fdcacbc90c1ad540 |
| .data | 512 | f425c86fa48e33269f447f3eb63c79f9 |
| .pdata | 1536 | 2e0e4a5f3e17736fdb775c98b2dc3c63 |
| INIT | 3584 | 5088faea89d9ac87fb57aed1918a1493 |
| .rsrc | 1024 | 3e01a241a36067fefcfe119b4072919b |
More information:
Download GridinSoft
Anti-Malware - Removal tool for xmarin.sys
