How to remove $R6IW9A1.exe
- File Details
- Overview
- Analysis
$R6IW9A1.exe
The module $R6IW9A1.exe has been detected as Adware.ELEX
File Details
| Product Name: |
|
| MD5: |
f2d040bce807d6bea5c7789ffb5237ad |
| Size: |
512 KB |
| First Published: |
2017-05-21 17:06:17 (6 years ago) |
| Latest Published: |
2021-06-28 20:05:48 (2 years ago) |
| Status: |
Adware.ELEX (on last analysis) |
|
| Analysis Date: |
2021-06-28 20:05:48 (2 years ago) |
Overview
| %programfiles%\thinksky\itools 3 |
| %programfiles%\thinksky |
| %sysdrive%\w.genel |
| %sysdrive%\$recycle.bin |
| %sysdrive%\system volume information\systemrestore\frstaging\program files\thinksky |
| %programfiles%\thinksky |
| %programfiles%\thinksky |
| %programfiles%\thinksky |
| %programfiles%\thinksky |
| %programfiles%\thinksky |
| iToolsDaemon.exe |
| $R6IW9A1.exe |
|
18.9% |
|
|
14.7% |
|
|
13.9% |
|
|
7.7% |
|
|
6.9% |
|
|
4.6% |
|
|
2.7% |
|
|
2.3% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
| Windows 7 |
52.5% |
|
| Windows 10 |
29.9% |
|
| Windows 8.1 |
7.3% |
|
| Windows Vista |
5.0% |
|
| Windows 8 |
3.1% |
|
| Windows XP |
2.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001c892 |
| Name |
Size of data |
MD5 |
| .text |
125440 |
71256b21f55f1eb34c2e41bc7d5812ba |
| .rdata |
48128 |
4ff4380b7c31154ca393feafcff875f8 |
| .data |
3072 |
62835786007e335fae96e1b9c79aabe8 |
| .rsrc |
325632 |
7f9b3c3c221b9ff860a0b01e37123a75 |
| .reloc |
15360 |
7fd1b037a355570fd631fce6cf80844e |
