How to remove $R23LWYA.exe
- File Details
- Overview
- Analysis
$R23LWYA.exe
The module $R23LWYA.exe has been detected as Adware.TopTools
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
68558e9fe37e2b8e85a2bdf899bedf6e |
| Size: |
1 MB |
| First Published: |
2017-05-21 20:03:50 (6 years ago) |
| Latest Published: |
2021-01-06 12:22:29 (3 years ago) |
| Status: |
Adware.TopTools (on last analysis) |
|
| Analysis Date: |
2021-01-06 12:22:29 (3 years ago) |
Overview
| %programfiles%\weathertool\2.0.1.5000183 |
| %sysdrive%\adwcleaner\quarantine\files\rfbisbdgtvtyzdjfcyrnkgacrbnkjjct\2.0.1.5000183 |
| %programfiles%\weathertool |
| %sysdrive%\adwcleaner\quarantine\rqf69azbla |
| %sysdrive%\adwcleaner\quarantine\files\kremfawbrjrcadxtphepogoujvismkfi |
| %sysdrive%\adwcleaner\quarantine\x3cf3ednhm |
| %sysdrive%\$recycle.bin |
| %sysdrive%\adwcleaner\quarantine\files\zwysadltghodwfhbqgezutimfzfxsxdo |
| %sysdrive%\adwcleaner\quarantine\files\tdilmvaoopnkudfhwbnrujgemlpbcjfd |
| %appdata%\zhp\quarantine\weathertool.dir |
| weather_lite.exe |
| $R23LWYA.exe |
| weather_lite_IObitDel.exe |
|
47.7% |
|
|
35.7% |
|
|
10.2% |
|
|
5.7% |
|
|
0.4% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 10 |
45.7% |
|
| Windows 7 |
40.9% |
|
| Windows 8.1 |
10.9% |
|
| Windows 8 |
2.2% |
|
| Windows Vista |
0.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x000b4548 |
| Name |
Size of data |
MD5 |
| .text |
906240 |
37f3e17949d7343808aac368ec262860 |
| .rdata |
251392 |
38cfa696b7866c6947b45311b5a803c0 |
| .data |
20480 |
3aac22332688e35731913c3a0052d62b |
| .pdata |
61440 |
0feb9002e1f1fbce4c7b76f0ce0ae8f6 |
| .rsrc |
142336 |
8beca9b05320f72e1e5aad6744cf4794 |
| .reloc |
13824 |
546e0760bbc23e3107dfc265071bd31d |
