How to remove VCDRomX64.sys

» File
File Details
Overview
Analysis

VCDRomX64.sys

The module VCDRomX64.sys has been detected as Adware.Kuaiba

VCDRomX64.sys

Remove VCDRomX64.sys

File Details

Main Info:

MD5:	ff22dbcd6da9e40c480adb02fc3718e9
Size:	24 KB
First Published:	2017-05-21 03:02:08 (7 years ago)
Latest Published:	2022-05-06 23:50:07 (2 years ago)

Analysis:

Status:	Adware.Kuaiba (on last analysis)
Analysis Date:	2022-05-06 23:50:07 (2 years ago)

Overview

Digital Signature

Signed By:	深圳市猫哈网络科技发展有限公司
Status:	Valid

Common Places:

%system%\drivers

%programfiles%\maoha\jisuzip\iso

%system%

%sysdrive%\adwcleaner\quarantine\files\ydnmbaqijnfabvujyxwxbtqpmxdpfwxp\jisuzip

%sysdrive%\adwcleaner\quarantine\fraqbc8wsa\jisuzip

%programfiles%\maoha\jisuzip

%sysdrive%\adwcleaner\quarantine\files\ruddtdlmpjiuppfihbfbzcvopgmvqlgr\jisuzip

%localappdata%\maoha\jisuzip

%programfiles%\maoha\jisuzip

%system%

File Names:

vcdrom.sys

VCDRomX64.sys

Geography:

	20.8%
	20.1%
	11.4%
	7.2%
	4.1%
	2.7%
	2.7%
	2.6%
	2.5%
	2.4%
	1.7%
	1.5%
	1.4%
	1.4%
	1.2%
	1.2%
	1.1%
	1.1%
	1.0%
	0.9%
	0.7%
	0.7%
	0.7%
	0.6%
	0.6%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.5%
	0.4%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	53.2%
Windows 10	36.6%
Windows 8.1	9.7%
Windows 8	0.6%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x00007178

PE Sections:

Name	Size of data	MD5
.text	6656	499ccfac511145bc16592a42f4c6e32d
.rdata	1024	2425c27243ddd9430da7913166e6c15c
.data	512	043c46095689123e1f5be96c109c2f46
.pdata	512	b99c5e60459c3faaaa0649b9d3da4794
PAGE	512	15a0426200f1bdc042bd88c6a67061db
INIT	2048	0e13da5ee7583d0a2daac1c8699e5641

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for VCDRomX64.sys

copyright for information about VCDRomX64.sys