Home » Virus List
Worm.Generic
Risk Level 1
 
File Size : 212992 KB
File Type : Portable Executable file
File Name

DelDrv.exe

MD5

6cf06074173e50fcd74720596ffb5f30

SHA1

fdf5a9a44150f02426f57d088bcac3407570c868

SHA256

ded27117434ea083a3078f57fee786206989144864d03a2e57

General information:

* File name: C:\Users\vmware\Desktop\malware\6cf06074173e50fcd74720596ffb5f30.exe

Changes to registry :

no change

Changes to filesystem:

* Modifies file C:\Windows\system32\calc.exe
* Modifies file C:\Windows\system32\cleanmgr.exe
* Modifies file C:\Windows\system32\ctfmon.exe
* Modifies file C:\Windows\system32\notepad.exe
* Modifies file C:\Windows\system32\userinit.exe
* Creates file C:\Users\vmware\AppData\Local\Temp\1221.pif
* Modifies file C:\Users\vmware\Desktop\malware\6cf06074173e50fcd74720596ffb5f30.exe

Network services:

* Queries DNS "VMWARE.localdomain".

Process/window/string information:

* Uses a pipe for inter-process communication.
* Creates process "null, C:\Users\vmware\AppData\Local\Temp\1221.pif ////DAEMON, null".
* Injects code into process "C:\Sandbox\vmware\DefaultBox\user\current\AppData\Local\Temp\1221.pif".
* Creates process "C:\Users\vmware\Desktop\malware\6cf06074173e50fcd74720596ffb5f30.exe, , null".
* Sleeps 62755 seconds.

Additional Information:

How To Remove DelDrv.exe

1.Download Sniper Antivirus
2.Install the exe file on your system.
3.Full Scan your Computer OR Folder where DelDrv.exe located.
4.Once the scan is finished, you’ll get the message “scan is complete”.
Click OK button to get the results.
5.Then Delete the threat from table.

Top