How to remove $RS5H9F9.exe

$RS5H9F9.exe

The module $RS5H9F9.exe has been detected as PUP.Gen

$RS5H9F9.exe
Remove $RS5H9F9.exe

File Details

Product Name:

Traffic Exchange
Company Name:

Microleaves
MD5: e04ef7f4c47414b4901135d60ca6e0f0
Size: 858 KB
First Published: 2017-05-21 16:04:26 (6 years ago)
Latest Published: 2021-01-07 08:08:49 (3 years ago)
Status: PUP.Gen (on last analysis)
Analysis Date: 2021-01-07 08:08:49 (3 years ago)

Overview

Signed By: MICROLEAVES LTD
Status: Valid

Common Places:

%windir%\temp\297adb65036e9306052eeab78033fb74
%programfiles%\microleaves\traffic exchange
%sysdrive%\adwcleaner\quarantine\files\ltcguxvpsrbwkznnawxzlhosmwhdkxru\traffic exchange
%sysdrive%\adwcleaner\quarantine\files\moepuiqsblftttjqvravpazmocbxmofk\traffic exchange
%appdata%\zhp\quarantine\microleaves.quarantined\traffic exchange
%appdata%\zhp\quarantine\microleaves\traffic exchange
%sysdrive%\adwcleaner\quarantine\files\uehkobnoumrsoymxqypkdxmonabbkbcs\traffic exchange
%windir%\temp\d1fe0675b1f252431b385734e229043a
%sysdrive%\adwcleaner\quarantine\files\vlblqauwziwzhgbekusylifbkuaqdfkj\traffic exchange
%sysdrive%\adwcleaner\quarantine\files\nltlnnnizltgrxicwqifkyekhsdpiber\traffic exchange

Geography:

19.6%
8.5%
5.8%
5.0%
3.7%
3.4%
2.9%
2.7%
2.4%
2.4%
2.4%
2.1%
1.9%
1.9%
1.9%
1.9%
1.6%
1.6%
1.6%
1.3%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
1.1%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows 7 47.6%
Windows 10 38.2%
Windows 8.1 10.5%
Windows 8 3.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00038832

PE Sections:

Name Size of data MD5
.text 349696 d5d0d7abd3dd20bdc5fad4148f5e5982
.rdata 102400 5a8a910144ffc7242340f306772061cb
.data 4096 6f493745220e3a4882f50c83c8a16e04
.gfids 1024 e24e9cee6326d4ce7c7d9f1340ac13d4
.tls 512 1f354d76203061bfdd5a53dae48d5435
.rsrc 391680 025866f280064b8e447e5e18dba651f8
.reloc 20480 4e14e812f58653e18fbf79ea1cfa1647

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RS5H9F9.exe
copyright for information about $RS5H9F9.exe