How to remove $RSFCOLY.exe

$RSFCOLY.exe

The module $RSFCOLY.exe has been detected as Adware.ELEX

$RSFCOLY.exe
Product Name:

Firefox

Company Name:

Mozilla Foundation

MD5: a5f357315e54112394a67586ccb7a532
Size: 95 KB
First Published: 2017-05-24 11:10:32 (7 years ago)
Latest Published: 2019-04-01 19:53:02 (5 years ago)
Status: Adware.ELEX (on last analysis)
Analysis Date: 2019-04-01 19:53:02 (5 years ago)
Signed By: Mengmeng Wang
Status: Valid
%programfiles%\firefox
%sysdrive%\adwcleaner\quarantine\files\rszejbxwtcmauudlsqitlujsdrmndwbk
%sysdrive%\$recycle.bin\s-1-5-21-1515912927-174380303-3839714098-1001\$ray0gxo
%sysdrive%\$recycle.bin\s-1-5-21-3737494481-1270847105-2955528620-1000
%programfiles%\59268ba6_jumpeasy\sdirec
%programfiles%\592555f9_jumpeasy\sdirec
%sysdrive%\adwcleaner\quarantine\files\tpcysuvkwihevhehjjthgqodwqcmcura
%sysdrive%\adwcleaner\quarantine\files\pdtyxugckxueyuxrhshgxdjblezsdqrw
%sysdrive%\adwcleaner\quarantine\files\mjxftjlavkjfpqywfokrhiyzuuxwsoxt
%sysdrive%\quarantine_mzk\folders\201705258450847\firefox. 9.15.57.25
wow_helper.exe
$RSFCOLY.exe
29.1%
12.6%
11.3%
8.6%
7.9%
5.3%
4.0%
2.6%
2.0%
2.0%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
Windows 7 48.7%
Windows 10 38.2%
Windows 8.1 9.9%
Windows 8 2.6%
Windows Server 2012 R2 0.7%
Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00001930

PE Sections:

Name Size of data MD5
.text 44032 92e3ca91125007d78e6b5ec1b4d716bd
.TargetC 512 9829836b98074d6c7c86063ac7d692aa
.rdata 36864 26b80f66f63107c9d81ba3a8e9b05521
.data 2560 2d510bdca42c044635b7342d15ebb177
.pdata 3584 dfc4bf6ced6b9f3fe943da5b66037f1e
.gfids 512 ffb5942c61f309d658ff4a5c83dd7502
.rsrc 1024 d35c8010414a501913431fbe52fcd51b
.reloc 2048 6424835f1c91148144e7c6d5b6a12108

More information:

Download GridinSoft Anti-Malware - Removal tool for $RSFCOLY.exe