Drlcleaner.info

By ESGI Advisor in Browser Hijackers

Translate To:

Drlcleaner.info is a malicious website and hijacker that is responsible for distributing and promoting the rogue anti-spyware program Safety Center. Drlcleaner.info uses many deceiving words to describe to computer users how they need to purchase Safety Center to remove spyware threats. Drlcleaner.info can install a Trojan that is capable of download malware onto the infected system without any interaction required by the computer user.

File System Details

Drlcleaner.info may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\My Documents\cs_def.exe
Name: %UserProfile%\My Documents\cs_def.exe Type: Executable File
2.	%UserProfile%\My Documents\install_tag002.exe
Name: %UserProfile%\My Documents\install_tag002.exe Type: Executable File
3.	%UserProfile%\My Documents\102.exe
Name: %UserProfile%\My Documents\102.exe Type: Executable File
4.	%UserProfile%\My Documents\Adrevolver.txtAds360.com
Name: %UserProfile%\My Documents\Adrevolver.txtAds360.com Type: Command, executable file
5.	%Program Files%\SafetyCenter\protector.exe
Name: %Program Files%\SafetyCenter\protector.exe Type: Executable File
6.	%UserProfile%\My Documents\trojan.psw.stealth.a.exe
Name: %UserProfile%\My Documents\trojan.psw.stealth.a.exe Type: Executable File
7.	%UserProfile%\My Documents\tdfhex.dll
Name: %UserProfile%\My Documents\tdfhex.dll Type: Dynamic link library
8.	%UserProfile%\My Documents\0886b8.vom
Name: %UserProfile%\My Documents\0886b8.vom
9.	%WINDOWS%\gbaxl2.dat
Name: %WINDOWS%\gbaxl2.dat Type: Data file
10.	%Program Files%\SafetyCenter\sound.wav
Name: %Program Files%\SafetyCenter\sound.wav
11.	%UserProfile%\My Documents\emalware.cvd
Name: %UserProfile%\My Documents\emalware.cvd
12.	%Program Files%\SafetyCenter\main.ico
Name: %Program Files%\SafetyCenter\main.ico
13.	%UserProfile%\My Documents\default.pss
Name: %UserProfile%\My Documents\default.pss

Registry Details

Drlcleaner.info may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB09B56A-91AB-11DE-95FD-A39056D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{BCA9B86C-91BC-11DE-B1CD-35C755D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\SafetyCenter

HKEY_CLASSES_ROOT\CLSID\{EB09B56A-91AB-11DE-95FD-A39056D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BCA9B86C-91BC-11DE-B1CD-35C755D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SafetyCenter

HKEY_CLASSES_ROOT\CLSID\{BCA9B86C-91BC-11DE-B1CD-35C755D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BCA9B86C-91BC-11DE-B1CD-35C755D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{BCA9B86C-91BC-11DE-B1CD-35C755D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "SafetyCenter"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Drlcleaner.info

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen