How to remove $RHSKTF0.exe

$RHSKTF0.exe

The module $RHSKTF0.exe has been detected as PUP.Baidu

$RHSKTF0.exe
Remove $RHSKTF0.exe

File Details

Product Name:

BaiduYunGuanjia Application
Company Name:

Baidu.com, Inc.
MD5: 4413a29d28630267444cdde84f7dffed
Size: 1 MB
First Published: 2017-05-21 04:03:41 (7 years ago)
Latest Published: 2019-11-08 05:39:57 (5 years ago)
Status: PUP.Baidu (on last analysis)
Analysis Date: 2019-11-08 05:39:57 (5 years ago)

Overview

Signed By: BeiJing Baidu Netcom Science Technology Co., Ltd
Status: Valid

Common Places:

%appdata%\baidu\baiduyunguanjia\autoupdate
%appdata%\baidu\baidunetdisk\autoupdate
%desktop%\utility\baiduyun 5.5.0 (portable)\baidunetdisk\autoupdate
%sysdrive%\adwcleaner\quarantine\c\users\lmstudio\appdata\roaming\baidu\baiduyunguanjia\autoupdate
%sysdrive%\windows.old\users\user\appdata\roaming\baidu\baiduyunguanjia\autoupdate
%system%\config\systemprofile\appdata\roaming\baidu\baidunetdisk\autoupdate
%sysdrive%\1programexe\3web-net-down\down-baiduyunguanjia
%appdata%\baidu\baiduyunguanjia
%desktop%\片山 高志\appdata\roaming\baidu\baiduyunguanjia
%appdata%\baidu\baidunetdisk

File Names:

Autoupdate.exe
$RHSKTF0.exe
Autoupdate.exe.vir

Geography:

52.9%
23.2%
6.6%
5.0%
3.1%
1.9%
1.5%
1.5%
0.8%
0.8%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%

OS Version:

Windows 10 49.8%
Windows 7 43.2%
Windows 8.1 4.6%
Windows 8 1.5%
Windows Server 2012 R2 0.4%
Windows Server 2008 R2 0.4%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0008a6c5

PE Sections:

Name Size of data MD5
.text 1277440 83eeaaf754851b4bf7c823a6098cc149
.rdata 521216 b0169506372aa0d984aec9c7b3fc8fe2
.data 49664 5651a1de723a5f90f13d531d95c91372
.rsrc 82944 7e1866331fef42154743552432fc7b57
.reloc 88576 994c877f779fe4ba851cb7e2e9a0b1e1

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RHSKTF0.exe
copyright for information about $RHSKTF0.exe