How to remove $R1Y4TVA.exe
- File Details
- Overview
- Analysis
$R1Y4TVA.exe
The module $R1Y4TVA.exe has been detected as Adware.Downloader
File Details
| MD5: |
e9ccf89a190133a3473882d5302d9b76 |
| Size: |
574 KB |
| First Published: |
2017-09-30 11:00:41 (7 years ago) |
| Latest Published: |
2018-10-23 06:06:24 (6 years ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2018-10-23 06:06:24 (6 years ago) |
Overview
| %profile%\downloads |
| %profile%\guyen tri nguyen\my documents\downloads\programs |
| %sysdrive%\$recycle.bin\s-1-5-21-1185571189-3832473185-1818958336-500 |
| %sysdrive% |
| %profile% |
| [RapidFiles]_42018.exe |
| $R1Y4TVA.exe |
| Windows 7 |
54.5% |
|
| Windows 10 |
18.2% |
|
| Windows XP |
18.2% |
|
| Windows 8.1 |
9.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00011ca9 |
| Name |
Size of data |
MD5 |
| .text |
142848 |
8b47ccbfa8c98148a28925cc8a74f5d8 |
| .rdata |
36864 |
4bc4da57db0c409556cfc496dbd5c13e |
| .data |
3072 |
9630eaded8d133c9f2659c3897e9d265 |
| .gfids |
512 |
86a6a1533c4cb7c6a186479cc6cd866a |
| .rsrc |
383488 |
0237f5864c06093689fc1b4fb7d4186e |
| .reloc |
9728 |
4605908691c6b93011087360164c5d62 |
