How to remove $RTFKRNQ.exe

$RTFKRNQ.exe

The module $RTFKRNQ.exe has been detected as Adware.ELEX

$RTFKRNQ.exe
Remove $RTFKRNQ.exe

File Details

Product Name:

Firefox
Company Name:

Mozilla Corporation
MD5: 513e20bc9aaff258edabc11dee88c9c3
Size: 488 KB
First Published: 2017-05-24 11:10:30 (6 years ago)
Latest Published: 2019-04-01 19:50:01 (5 years ago)
Status: Adware.ELEX (on last analysis)
Analysis Date: 2019-04-01 19:50:01 (5 years ago)

Overview

Signed By: Mengmeng Wang
Status: Valid

Common Places:

%programfiles%\firefox
%sysdrive%\adwcleaner\quarantine\files\rszejbxwtcmauudlsqitlujsdrmndwbk
%sysdrive%\$recycle.bin\s-1-5-21-3737494481-1270847105-2955528620-1000
%programfiles%\59268ba6_jumpeasy\sdirec
%programfiles%\592555f9_jumpeasy\sdirec
%sysdrive%\adwcleaner\quarantine\files\tpcysuvkwihevhehjjthgqodwqcmcura
%sysdrive%\adwcleaner\quarantine\files\pdtyxugckxueyuxrhshgxdjblezsdqrw
%sysdrive%\adwcleaner\quarantine\files\mjxftjlavkjfpqywfokrhiyzuuxwsoxt
%sysdrive%\quarantine_mzk\folders\201705258450847\firefox. 9.15.57.25
%programfiles%

File Names:

Firefox.exe
$RTFKRNQ.exe
Firefox.exe.quarantined
Firefox.VIR

Geography:

30.1%
12.4%
9.8%
8.5%
6.5%
5.2%
2.6%
2.6%
2.0%
2.0%
2.0%
2.0%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%

OS Version:

Windows 7 57.5%
Windows 10 36.6%
Windows 8.1 3.3%
Windows Vista 1.3%
Windows 8 0.7%
Windows Server 2012 R2 0.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0001d5e1

PE Sections:

Name Size of data MD5
.text 121856 fd53da920de444e48d4e5a76d8f52c7f
.rdata 94720 cb4b81aec3e0513ce1cb02916da8fa20
.data 512 12a100d44b526abf01cc8546d599aec4
.gfids 512 d96237be90405ab691ad7f1f4df72be7
.tls 512 1f354d76203061bfdd5a53dae48d5435
.rsrc 268800 1627c18db3ec682b16da1a49552f9884
.reloc 6656 08cd5b141dd783eb68efb4f5dd3764ff

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RTFKRNQ.exe
copyright for information about $RTFKRNQ.exe