How to remove $R2HYP65.exe

$R2HYP65.exe

The module $R2HYP65.exe has been detected as Adware.ELEX

$R2HYP65.exe
Remove $R2HYP65.exe

File Details

Product Name:

Firefox
Company Name:

Mozilla Corporation
MD5: 60f496bf0b713d8ffbe994af04ab5367
Size: 157 KB
First Published: 2017-05-24 11:10:30 (6 years ago)
Latest Published: 2019-04-01 20:00:24 (5 years ago)
Status: Adware.ELEX (on last analysis)
Analysis Date: 2019-04-01 20:00:24 (5 years ago)

Overview

Signed By: Mengmeng Wang
Status: Valid

Common Places:

%programfiles%\firefox
%sysdrive%\adwcleaner\quarantine\files\rszejbxwtcmauudlsqitlujsdrmndwbk
%sysdrive%\$recycle.bin\s-1-5-21-1515912927-174380303-3839714098-1001\$ray0gxo
%sysdrive%\$recycle.bin\s-1-5-21-3737494481-1270847105-2955528620-1000
%programfiles%\59268ba6_jumpeasy\sdirec
%programfiles%\592555f9_jumpeasy\sdirec
%sysdrive%\adwcleaner\quarantine\files\tpcysuvkwihevhehjjthgqodwqcmcura
%sysdrive%\adwcleaner\quarantine\files\pdtyxugckxueyuxrhshgxdjblezsdqrw
%sysdrive%\adwcleaner\quarantine\files\mjxftjlavkjfpqywfokrhiyzuuxwsoxt
%sysdrive%\quarantine_mzk\folders\201705258450847\firefox. 9.15.57.25

File Names:

plugin-container.exe
$R2HYP65.exe

Geography:

29.1%
12.6%
11.3%
8.6%
7.9%
5.3%
4.0%
2.6%
2.0%
2.0%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%

OS Version:

Windows 7 48.0%
Windows 10 39.5%
Windows 8.1 9.2%
Windows 8 2.6%
Windows Server 2012 R2 0.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000ef67

PE Sections:

Name Size of data MD5
.text 61952 eeda1d83e7e8d1c5e456833773434f79
.rdata 83456 c3cf9d520619f440588f509f73e43e68
.data 512 8fb5af9ca2ac75df91512df9b1c03e43
.gfids 512 e09c26e1b00232541c7b3a90106a2851
.tls 512 1f354d76203061bfdd5a53dae48d5435
.rsrc 3072 5abfd52c1e8b5f94dd4aa3d5cb890f64
.reloc 4096 c2edf60968333ed3dde94a892a69cddd

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $R2HYP65.exe
copyright for information about $R2HYP65.exe