How to remove $R1TEHDK.exe

$R1TEHDK.exe

The module $R1TEHDK.exe has been detected as Adware.Agent

$R1TEHDK.exe
Remove $R1TEHDK.exe

File Details

Product Name:

快压
Company Name:

上海广乐网络科技有限公司
MD5: 6a229eae0525a7e3dc5fd7d60d748f66
Size: 1 MB
First Published: 2017-05-21 13:07:18 (6 years ago)
Latest Published: 2019-06-30 06:18:49 (4 years ago)
Status: Adware.Agent (on last analysis)
Analysis Date: 2019-06-30 06:18:49 (4 years ago)

Overview

Signed By: 上海广乐网络科技有限公司
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%temp%\kz7zdata.7z\x86
%programfiles%\¿ìñ¹\x86
%programfiles%\תוכנת זבל למחיקה\x86
%programfiles%\їмс№\x86
%sysdrive%\$recycle.bin\s-1-5-21-4073234384-243557768-2028262755-1001\$rqhhrc4.7z\x86
%temp%\qzt2b3d.294\x86.zip\x86
%sysdrive%\$recycle.bin\s-1-5-21-3170314983-4022405219-3210896362-1000
%programfiles%\¿ìñ¹
%programfiles%\їмс№
%sysdrive%\adwcleaner\quarantine\files\mgtjqyqjajjlbhhmhojgwnitlzvztbak

File Names:

KZTui.exe
$R1TEHDK.exe

Geography:

10.0%
10.0%
10.0%
10.0%
10.0%
10.0%
6.7%
6.7%
3.3%
3.3%
3.3%
3.3%
3.3%
3.3%
3.3%
3.3%

OS Version:

Windows 10 40.0%
Windows 7 36.7%
Windows 8.1 23.3%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0008bdc8

PE Sections:

Name Size of data MD5
.text 946176 cb0da184ccee98a106309e8919374f35
.rdata 319488 a22bf7c256d5a706f2b4e5b8086d7b16
.data 17920 a4a48fda03a47e815043cae4566c10e4
.rsrc 70144 aa37ba8f558a1ae2daccde95fac65225
.reloc 55808 6d930eb8e5ab9ad3fe3797da3afe6fc5

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $R1TEHDK.exe
copyright for information about $R1TEHDK.exe