
Is resmon.resmoncfg a legit file?


Victor2K


Today I went to check some files in my APPDATA folder and found this file, resmon.resmoncfg, in my Local folder.

 

It says it's a config file from the Resource Monitor, and I tried VirusTotal (and scanning with AVG/MBAM), which showed the file is safe, but online I also found that it could be 'involved' in some virus and trojan stuff.

 

Does that mean I should let it go, or is there something more than meets the eye?


It is not about "how much" but the quality of the information.
 
For example, the fully qualified name and path of the file(s) (w/o spelling and/or syntax errors) and the VirusTotal report URLs.
 
You can also upload the files to UploadMalware.Com and I'll examine them. If they are malware I'll report back to you and I'll also submit them to Newest Malware Threats.

 

If they are not malware, I'll report that information back to you.

 

Executables shouldn't be located in %appdata% but some legitimate software breaks that policy.


Let's try it again.

 

Just sent the file to UploadMalware.com as you said and will send the VirusTotal report here:

 

https://www.virustotal.com/pt/file/5e3f6662fbbc79d12a36a1d7bc8399c91ab98d46c5c7fb67d7a8cecc49801db9/analysis/1414100116/

 

The file is located at C:\Users\Usuario\AppData\Local\Resmon.Resmoncfg and its

 

SHA256 is: 5e3f6662fbbc79d12a36a1d7bc8399c91ab98d46c5c7fb67d7a8cecc49801db9

MD5:  37c95885d20f4dad3d1ca1c3a25e51ef

 

It's an XML document file also.


It's nothing.
 
Just interpreted code and not malicious.
 

<?xml version="1.0" encoding="UTF-8"?><configuration><tabpane autocolumns="false"/><chartpane width="-1" hidden="false"/><cpuchart/><tab id="Overview" chartview="2"><table id="CPU" hidden="false" height="185"><column id="Image" width="180" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Description" width="217" hidden="false"/><column id="Status" width="58" hidden="false"/><column id="Threads" width="58" hidden="false"/><column id="CPU" width="58" hidden="false"/><column id="AverageCPU" width="58" hidden="false"/><column id="SwitchContext" width="80" hidden="true"/><column id="UserName" width="80" hidden="true"/><column id="Cycle" width="80" hidden="true"/><column id="AverageCycle" width="80" hidden="true"/><column id="Platform" width="80" hidden="true"/><column id="Elevated" width="80" hidden="true"/><sort column="Status" descending="false"/></table><table id="Disk" hidden="true" height="185"><column id="Image" width="172" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="File" width="50" hidden="false"/><column id="Read" width="50" hidden="false"/><column id="Write" width="50" hidden="false"/><column id="DiskTotal" width="50" hidden="false"/><column id="IOPriority" width="50" hidden="false"/><column id="ResponseTime" width="50" hidden="false"/><sort column="IOPriority" descending="true"/></table><table id="Network" hidden="true" height="185"><column id="Image" width="180" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Address" width="73" hidden="false"/><column id="Send" width="73" hidden="false"/><column id="Receive" width="73" hidden="false"/><column id="NetworkTotal" width="73" hidden="false"/><sort column="NetworkTotal" descending="true"/></table><table id="Memory" hidden="false" height="185"><column id="Image" width="180" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="HardFaults" width="60" hidden="false"/><column id="Commit" width="58" hidden="false"/><column 
id="WorkingSet" width="58" hidden="false"/><column id="Shareable" width="58" hidden="false"/><column id="Private" width="58" hidden="false"/><sort column="Private" descending="true"/></table></tab><tab id="CPU" chartview="2"><table id="CPU" hidden="false" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Description" width="120" hidden="false"/><column id="Status" width="80" hidden="false"/><column id="Threads" width="80" hidden="false"/><column id="CPU" width="80" hidden="false"/><column id="AverageCPU" width="80" hidden="false"/><column id="SwitchContext" width="80" hidden="true"/><column id="UserName" width="80" hidden="true"/><column id="Cycle" width="80" hidden="true"/><column id="AverageCycle" width="80" hidden="true"/><column id="Platform" width="80" hidden="true"/><column id="Elevated" width="80" hidden="true"/><sort column="Status" descending="false"/></table><table id="Service" hidden="true" height="185"><column id="Name" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Description" width="120" hidden="false"/><column id="Status" width="80" hidden="false"/><column id="Group" width="80" hidden="false"/><column id="CPU" width="80" hidden="false"/><column id="AverageCPU" width="80" hidden="false"/><sort column="Status" descending="false"/></table><table id="Handle" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Type" width="80" hidden="false"/><column id="HandleName" width="280" hidden="false"/><sort column="Image" descending="false"/></table><table id="Module" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="ModuleName" width="100" hidden="false"/><column id="Version" width="80" hidden="false"/><column id="FullPath" width="280" hidden="false"/><sort column="Image" 
descending="false"/></table></tab><tab id="Memory" chartview="2" focused="true"><table id="Memory" hidden="false" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="HardFaults" width="80" hidden="false"/><column id="Commit" width="80" hidden="false"/><column id="WorkingSet" width="80" hidden="false"/><column id="Shareable" width="80" hidden="false"/><column id="Private" width="80" hidden="false"/><sort column="Private" descending="true"/></table><table id="MemoryWidget" hidden="false"/></tab><tab id="Disk" chartview="2"><table id="ProcessDisk" hidden="false" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Read" width="80" hidden="false"/><column id="Write" width="80" hidden="false"/><column id="DiskTotal" width="80" hidden="false"/><sort column="DiskTotal" descending="true"/></table><table id="Disk" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="File" width="120" hidden="false"/><column id="Read" width="80" hidden="false"/><column id="Write" width="80" hidden="false"/><column id="DiskTotal" width="80" hidden="false"/><column id="IOPriority" width="80" hidden="false"/><column id="ResponseTime" width="80" hidden="false"/><sort column="IOPriority" descending="true"/></table><table id="Storage" hidden="true" height="185"><column id="LogicalDisk" width="100" hidden="false"/><column id="PhysicalDisk" width="80" hidden="false"/><column id="Utilization" width="80" hidden="false"/><column id="FreeSpace" width="80" hidden="false"/><column id="TotalSpace" width="80" hidden="false"/><column id="QueueLength" width="80" hidden="false"/><sort column="QueueLength" descending="true"/></table></tab><tab id="Network" chartview="2"><table id="ProcessNetwork" hidden="false" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" 
hidden="false"/><column id="Send" width="80" hidden="false"/><column id="Receive" width="80" hidden="false"/><column id="NetworkTotal" width="80" hidden="false"/><sort column="NetworkTotal" descending="true"/></table><table id="Network" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Address" width="120" hidden="false"/><column id="Send" width="80" hidden="false"/><column id="Receive" width="80" hidden="false"/><column id="NetworkTotal" width="80" hidden="false"/><sort column="NetworkTotal" descending="true"/></table><table id="Connection" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="LocalAddress" width="120" hidden="false"/><column id="LocalPort" width="50" hidden="false"/><column id="RemoteAddress" width="120" hidden="false"/><column id="RemotePort" width="50" hidden="false"/><column id="PacketLoss" width="80" hidden="false"/><column id="Latency" width="80" hidden="false"/><column id="ConnSend" width="80" hidden="true"/><column id="ConnReceive" width="80" hidden="true"/><column id="ConnTotal" width="80" hidden="true"/><sort column="Latency" descending="true"/></table><table id="Port" hidden="true" height="185"><column id="Image" width="100" hidden="false"/><column id="PID" width="50" hidden="false"/><column id="Address" width="120" hidden="false"/><column id="Port" width="50" hidden="false"/><column id="Protocol" width="80" hidden="false"/><column id="FirewallStatus" width="80" hidden="false"/><sort column="Port" descending="false"/></table></tab></configuration>
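
A triage check for the kind of file discussed in this thread, as an added example that is not part of any post: it hashes the file for comparison with a VirusTotal report and confirms the content is XML that uses only the element and attribute names visible in the posted file. The function name, the allowlists and both sample inputs are assumptions constructed for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET

# Element and attribute names seen in the file posted in this thread.
# Assumption: other Windows builds may write names not listed here.
KNOWN_TAGS = {"configuration", "tabpane", "chartpane", "cpuchart",
              "tab", "table", "column", "sort"}
KNOWN_ATTRS = {"autocolumns", "width", "hidden", "id", "chartview",
               "height", "column", "descending", "focused"}


def triage_resmoncfg(data: bytes) -> dict:
    """Return the SHA-256 of `data` and a list of findings (empty = layout-only XML)."""
    findings = []
    if data[:2] == b"MZ":
        findings.append("starts with MZ: a PE executable, not a config file")
    # Reject DTD/entity declarations (byte match assumes a UTF-8/ASCII file, as posted).
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        findings.append("contains a DTD or entity declaration")
    if not findings:
        try:
            root = ET.fromstring(data)
        except ET.ParseError as exc:
            findings.append(f"not well-formed XML: {exc}")
        else:
            if root.tag != "configuration":
                findings.append(f"unexpected root element <{root.tag}>")
            for el in root.iter():
                if el.tag not in KNOWN_TAGS:
                    findings.append(f"unknown element <{el.tag}>")
                for name in sorted(set(el.attrib) - KNOWN_ATTRS):
                    findings.append(f"unknown attribute {name!r} on <{el.tag}>")
                if (el.text or "").strip() or (el.tail or "").strip():
                    findings.append(f"free text inside or after <{el.tag}>")
    return {"sha256": hashlib.sha256(data).hexdigest(), "findings": findings}


# Constructed samples (not the poster's file): a cut-down layout and an altered copy.
BENIGN = (b'<?xml version="1.0" encoding="UTF-8"?><configuration>'
          b'<tabpane autocolumns="false"/><tab id="Overview" chartview="2">'
          b'<table id="CPU" hidden="false" height="185">'
          b'<column id="PID" width="50" hidden="false"/>'
          b'<sort column="Status" descending="false"/></table></tab></configuration>')
ALTERED = BENIGN.replace(b'<tabpane autocolumns="false"/>',
                         b'<blob data="AAAA">text</blob>')

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("altered", ALTERED)):
        print(label, triage_resmoncfg(blob))
```

To check a real file, read it in binary mode and pass the bytes to `triage_resmoncfg`; an empty findings list means only the known layout elements were present, not that the machine is clean.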