How to remove check_windrvr6.exe

check_windrvr6.exe

The module check_windrvr6.exe has been detected as Ransom.Exp

check_windrvr6.exe
Remove check_windrvr6.exe

File Details

MD5: 63b515bebf54f1e9701f1f90f8f11883
Size: 109 KB
First Published: 2020-02-17 13:33:37 (5 years ago)
Latest Published: 2023-04-20 23:15:53 (2 years ago)
Status: Ransom.Exp (on last analysis)
Analysis Date: 2023-04-20 23:15:53 (2 years ago)

Common Places:

%sysdrive%\xilinx\vivado\2018.2\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\sdk\2018.2\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vivado\2019.2\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vivado\2020.1\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vivado\2020.1\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vitis\2020.1\data\xicom\cable_drivers\nt64
%sysdrive%\nifpga\programs\vivado2019_1\data\xicom\cable_drivers\nt64
%sysdrive%\vivado\2021.1\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vitis\2022.2\data\xicom\cable_drivers\nt64
%sysdrive%\xilinx\vivado\2022.2\data\xicom\cable_drivers\nt64

Geography:

20.0%
20.0%
20.0%
10.0%
10.0%
10.0%
10.0%

OS Version:

Windows 10 90.0%
Windows 8.1 10.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x000014d4

PE Sections:

Name Size of data MD5
.text 64512 50cd5b7a0b1522f499b10e5fc320bda6
.rdata 38912 cf5101c95691650f6907d91790bf32f4
.data 2560 48e8f3cc2b24e4d6c4320588a467e2d9
.pdata 4096 397a162098cb79252404f2eda5ed63a9
.gfids 512 93f3bcded3de47ee7ac350a7a8cba322
.rsrc 512 259c6a0f3892b3cb46826c9ecfa5e3fd

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for check_windrvr6.exe
copyright for information about check_windrvr6.exe