How to remove $R9SVNHJ.exe

$R9SVNHJ.exe

The module $R9SVNHJ.exe has been detected as Adware.Somoto

$R9SVNHJ.exe
Remove $R9SVNHJ.exe

File Details

Product Name:

Better Installer
Company Name:

Somoto Ltd
MD5: 9f633bcbad2408a47022010192d60863
Size: 193 KB
First Published: 2017-07-09 21:10:25 (7 years ago)
Latest Published: 2019-09-06 23:57:51 (5 years ago)
Status: Adware.Somoto (on last analysis)
Analysis Date: 2019-09-06 23:57:51 (5 years ago)

Common Places:

%localappdata%\tempdir
%profile%\downloads\windows.old\users\juanchope22\appdata\local\tempdir
%localappdata%
%sysdrive%\dad\appdata\local
%sysdrive%\bugs-pc\backup set 2012-06-04 071906\backup files 2012-06-04 071906\backup files 55.zip\c\users\bugs\appdata\local
%sysdrive%\steven-pc\backup set 2012-06-02 123956\backup files 2012-06-02 123956\backup files 60.zip\c\users\steven\appdata\local
%sysdrive%\bugs-pc\backup set 2013-03-05 183632\backup files 2013-03-05 183632\backup files 61.zip\c\users\bugs\appdata\local
%sysdrive%\ms1683-pc\backup set 2013-11-16 075249\backup files 2013-11-16 075249\backup files 7.zip\c\users\ms1683\appdata\local
%sysdrive%\ronee\appdata\local
%sysdrive%\$recycle.bin

File Names:

BetterInstaller.exe
$R9SVNHJ.exe

Geography:

16.7%
12.5%
12.5%
8.3%
8.3%
8.3%
8.3%
4.2%
4.2%
4.2%
4.2%
4.2%
4.2%

OS Version:

Windows 10 66.7%
Windows 7 33.3%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00013624

PE Sections:

Name Size of data MD5
.text 118272 d19e9928e62cdf76e394408a3f4d6d6a
.rdata 34304 903232edbc25767b7e86e1ba40791aa1
.data 11264 44d20cf5288ec6940d04f66979757621
.rsrc 19456 a44a1cd9a5888f2f895e2c5da9ece684
.reloc 13312 47f07c5efecf07cc06ce14687f71fe9d

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $R9SVNHJ.exe
copyright for information about $R9SVNHJ.exe