How to remove $RSFCOLY.exe
- File Details
- Overview
- Analysis
$RSFCOLY.exe
The module $RSFCOLY.exe has been detected as Adware.ELEX
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
a5f357315e54112394a67586ccb7a532 |
| Size: |
95 KB |
| First Published: |
2017-05-24 11:10:32 (6 years ago) |
| Latest Published: |
2019-04-01 19:53:02 (5 years ago) |
| Status: |
Adware.ELEX (on last analysis) |
|
| Analysis Date: |
2019-04-01 19:53:02 (5 years ago) |
Overview
| %programfiles%\firefox |
| %sysdrive%\adwcleaner\quarantine\files\rszejbxwtcmauudlsqitlujsdrmndwbk |
| %sysdrive%\$recycle.bin\s-1-5-21-1515912927-174380303-3839714098-1001\$ray0gxo |
| %sysdrive%\$recycle.bin\s-1-5-21-3737494481-1270847105-2955528620-1000 |
| %programfiles%\59268ba6_jumpeasy\sdirec |
| %programfiles%\592555f9_jumpeasy\sdirec |
| %sysdrive%\adwcleaner\quarantine\files\tpcysuvkwihevhehjjthgqodwqcmcura |
| %sysdrive%\adwcleaner\quarantine\files\pdtyxugckxueyuxrhshgxdjblezsdqrw |
| %sysdrive%\adwcleaner\quarantine\files\mjxftjlavkjfpqywfokrhiyzuuxwsoxt |
| %sysdrive%\quarantine_mzk\folders\201705258450847\firefox. 9.15.57.25 |
| wow_helper.exe |
| $RSFCOLY.exe |
|
29.1% |
|
|
12.6% |
|
|
11.3% |
|
|
8.6% |
|
|
7.9% |
|
|
5.3% |
|
|
4.0% |
|
|
2.6% |
|
|
2.0% |
|
|
2.0% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
| Windows 7 |
48.7% |
|
| Windows 10 |
38.2% |
|
| Windows 8.1 |
9.9% |
|
| Windows 8 |
2.6% |
|
| Windows Server 2012 R2 |
0.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00001930 |
| Name |
Size of data |
MD5 |
| .text |
44032 |
92e3ca91125007d78e6b5ec1b4d716bd |
| .TargetC |
512 |
9829836b98074d6c7c86063ac7d692aa |
| .rdata |
36864 |
26b80f66f63107c9d81ba3a8e9b05521 |
| .data |
2560 |
2d510bdca42c044635b7342d15ebb177 |
| .pdata |
3584 |
dfc4bf6ced6b9f3fe943da5b66037f1e |
| .gfids |
512 |
ffb5942c61f309d658ff4a5c83dd7502 |
| .rsrc |
1024 |
d35c8010414a501913431fbe52fcd51b |
| .reloc |
2048 |
6424835f1c91148144e7c6d5b6a12108 |
