How to remove $R9GCSTP.exe

» File
File Details
Overview
Analysis

$R9GCSTP.exe

The module $R9GCSTP.exe has been detected as General Threat

Remove $R9GCSTP.exe

File Details

Main Info:

Product Name:	ChromePass
Company Name:	NirSoft
MD5:	7b641e136f446860c48a3a870523249f
Size:	214 KB
First Published:	2017-05-22 11:23:23 (7 years ago)
Latest Published:	2024-09-07 23:01:10 (8 months ago)

Analysis:

Status:	General Threat (on last analysis)
Analysis Date:	2024-09-07 23:01:10 (8 months ago)

Common Places:

%desktop%\lock\001 a my tools\nir soft\nirsoft

%desktop%\lock\security\nir soft\nirsoft

%sysdrive%\$recycle.bin\s-1-5-21-926333572-1141172302-625575263-1000

%localappdata%\temp

%sysdrive%\windows.old\windows\system32\config\systemprofile\appdata\local

%temp%

%sysdrive%\downloads\downloads\passwordstealer-master

%profile%\yandexdisk\документы\soft 2013\autoplay\docs

%profile%\yandexdisk\документы\soft 2013\autoplay\docs\249.exe

%desktop%

File Names:

chromepass.exe

$R9GCSTP.exe

WebBrowserPassView3.exe

ChromePass.exe

7.exe

ChromePass.exe.mwt

chromepass.exe.mwt

Geography:

	25.4%
	23.9%
	11.9%
	10.4%
	7.5%
	3.0%
	3.0%
	3.0%
	3.0%
	1.5%
	1.5%
	1.5%
	1.5%
	1.5%
	1.5%

OS Version:

Windows 10	70.6%
Windows 7	26.5%
Windows 8.1	1.5%
Windows 8	1.5%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0002ae90

PE Sections:

Name	Size of data	MD5
.text	173568	8364ea60857e0839dd111b0cd99a4c41
.rdata	29184	ddb4af9e4385704ad212edd9286d6620
.data	3584	bf7259f21ab19686e450616820d44df9
.rsrc	11776	a418f38aa6e597a29294b21d8b7e17ba

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $R9GCSTP.exe

copyright for information about $R9GCSTP.exe

How to remove $R9GCSTP.exe

$R9GCSTP.exe

The module $R9GCSTP.exe has been detected as General Threat

File Details

Main Info:

ChromePass

NirSoft

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: