How to remove $R22EHUS.exe

» File
File Details
Overview
Analysis

$R22EHUS.exe

The module $R22EHUS.exe has been detected as Trojan.Agent

Remove $R22EHUS.exe

File Details

Main Info:

Product Name:	KMSAuto Net
Company Name:	MSFree Inc.
MD5:	0bb26f80ae0274df1c06c30c4d1913ce
Size:	8 MB
First Published:	2018-02-16 04:06:10 (7 years ago)
Latest Published:	2021-01-04 08:22:40 (4 years ago)

Analysis:

Status:	Trojan.Agent (on last analysis)
Analysis Date:	2021-01-04 08:22:40 (4 years ago)

Common Places:

%commonappdata%

%sysdrive%\chh-pc\backup set 2017-12-30 002247\backup files 2017-12-30 002247\backup files 3.zip\c\programdata

%sysdrive%

%sysdrive%\chh-pc\backup set 2018-02-06 213022\backup files 2018-02-06 213022\backup files 4.zip\c\programdata

%profile%\downloads

%sysdrive%\程式集

%sysdrive%\$recycle.bin\s-1-5-21-1137824154-2436160380-588661513-1001

%profile%

%sysdrive%\$recycle.bin

%temp%

File Names:

KMSAuto Net.exe

$R22EHUS.exe

trzCA3D.tmp

Geography:

	76.8%
	16.1%
	5.5%
	0.4%
	0.4%
	0.4%
	0.4%

OS Version:

Windows 10	78.0%
Windows 7	16.5%
Windows 8.1	3.1%
Windows XP	2.0%
Windows Vista	0.4%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x008b670e

.NET Info:

MVID:	f216097e-9e12-4f1a-8df7-780a2c80dffb
Typelib ID:	fcaa9736-cfc3-43fa-33da-378396c3a336

PE Sections:

Name	Size of data	MD5
.text	9127936	1c9f4a5920310d1de3ddb7d8e8aa2b6f
.sdata	512	8d98ef3fd89ff7b4be27d93227d417a3
.rsrc	48640	41afa8f52c7067da99e3a7e042f106ff
.reloc	512	18420c44fa2742a3c0568c77a85f37a4

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $R22EHUS.exe

copyright for information about $R22EHUS.exe

How to remove $R22EHUS.exe

$R22EHUS.exe

The module $R22EHUS.exe has been detected as Trojan.Agent

File Details

Main Info:

KMSAuto Net

MSFree Inc.

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

.NET Info:

PE Sections:

More information: