» ipnm.dll
Overview
Analysis
File Details

ipnm.dll

Windows Operating System

Microsoft Software Corporation

The module ipnm.dll, “WMI Performance Reverse Adapter” by Microsoft Software has been detected as a potentially unwanted program by 12 anti-malware scanners.

File name:

ipnm.dll

Publisher:

Foundation Corporation (signed by Microsoft Software Corporation)

Product:

Windows® Operating System

Description:

WMI Performance Reverse Adapter

Version:

6.1.7600.16385 (win7_rtm.090713-1255)

MD5:

abc7f5e8ae02077f197e4d818eac41e2

SHA-1:

912e3899ae7cf35d16a8c83bdc52b56de39286ae

SHA-256:

48c695c3967ba9d11a730f1af8fc799d29fc87fdaa2c83e79ac16e4c954ac57a

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 9:59:44 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.RemoteAdmin.RFS

1036

Bitdefender

Application.RemoteAdmin.RFS

1.0.20.475

Bkav FE

HW32.Pedka

1.3.0.4923

Comodo Security

Heur.Packed.Unknown

17811

ESET NOD32

Win32/RemoteAdmin.RemoteUtilities (variant)

8.9440

F-Secure

Application.RemoteAdmin.RFS

11.2014-05-04_7

G Data

Application.RemoteAdmin.RFS

14.4.24

IKARUS anti.virus

Application.RemoteAdmin.RFS

t3scan.2.2.29

K7 AntiVirus

Unwanted-Program

13.176.11205

Kaspersky

not-a-virus:RemoteAdmin.Win32.Agent

14.0.0.4064

NANO AntiVirus

Riskware.Win32.RemoteAdmin.cjvhfh

0.28.0.57630

Sophos

Generic PUA LK

4.97

File size:

141.8 KB (145,208 bytes)

Product version:

6.1.7600.16385

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\vmwarednd\54c6ada0\7zipsfx.000\ipnm.dll

Digital Signature

Signed by:

Microsoft Software Corporation

Authority:

Microsoft Software Corporation

Valid from:

10/23/2013 3:48:54 PM

Valid to:

1/1/2040 5:59:59 AM

Subject:

CN=Microsoft Software Corporation

Issuer:

CN=Microsoft Software Corporation

Serial number:

4559BCE5B18F238748894945FC1CEA73

File PE Metadata

Compilation timestamp:

5/18/2013 11:34:25 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:C8labUOwnR4NTYkWL/ateuQPMPDSeqqStpiKNiU:C8ltR4Z+LBp3

Entry address:

0x1D3B4

Entry point:

55, 8B, EC, 83, C4, C0, B8, 24, 9B, 15, 13, E8, 70, AE, FE, FF, 6A, 00, 6A, 00, 68, DC, 4E, 16, 13, B9, 38, 98, 15, 13, 33, D2, 33, C0, E8, 59, 81, FE, FF, E8, C8, 7F, FE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 00, 00, 00, 19, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

109.5 KB (112,128 bytes)

Remove ipnm.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.