How to remove $RSTVLVR.EXE

$RSTVLVR.EXE

The module $RSTVLVR.EXE has been detected as General Threat

$RSTVLVR.EXE
Remove $RSTVLVR.EXE

File Details

Company Name:

Microsoft Windows

MD5: e71350dbb71c7841817afb668c4cd346
Size: 2 MB
First Published: 2018-08-09 07:07:14 (7 years ago)
Latest Published: 2024-08-10 23:02:25 (a year ago)
Status: General Threat (on last analysis)
Analysis Date: 2024-08-10 23:02:25 (a year ago)

Common Places:

%sysdrive%\$recycle.bin
%mydoc%\已恢复
%mydoc%\已恢复
%mydoc%\已恢复
%mydoc%\已恢复
%sysdrive%\$recycle.bin\s-1-5-21-3797173654-4006398556-1229081200-500

Geography:

66.7%
33.3%

OS Version:

Windows 10 83.3%
Windows 7 16.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x001ca284

PE Sections:

Name Size of data MD5
CODE 1876480 7d4b41d785e73a45415efb8b18e1f861
DATA 38912 cef39c310001df8750c40b4c5d920fbe
BSS 0 00000000000000000000000000000000
.idata 12800 31083a92516617d537227766df3e4952
.tls 0 00000000000000000000000000000000
.rdata 512 6a3c81f181929f1ff7040b4f728726e1
.reloc 111616 2ec4e3ac0b0bc5288333cb7e514707f4
.rsrc 930304 041ca1f53e1757a4665accc4bc45849d

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RSTVLVR.EXE
copyright for information about $RSTVLVR.EXE