How to remove $RKGAFT7.exe
- File Details
- Overview
- Analysis
$RKGAFT7.exe
The module $RKGAFT7.exe has been detected as PUP.Pokki
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
9127e95ccf5dc5e828f59e84c4a13969 |
| Size: |
2 MB |
| First Published: |
2017-05-30 18:11:27 (6 years ago) |
| Latest Published: |
2022-05-10 23:50:28 (2 years ago) |
| Status: |
PUP.Pokki (on last analysis) |
|
| Analysis Date: |
2022-05-10 23:50:28 (2 years ago) |
Overview
| Signed By: |
Pokki |
| Status: |
Valid |
| %localappdata%\pokki\engine |
| %sysdrive%\adwcleaner\quarantine\files\puvstpljnwbfttpsjuszpbmjmnoznrfu\engine |
| %localappdata%\pokki |
| %sysdrive%\adwcleaner\quarantine\files\zknpyqkmpsengrusmfymtfgwnngsqpef |
| %sysdrive%\adwcleaner\quarantine\files\tddukjustictdxuowepakvauzwkeiaxh |
| %sysdrive%\adwcleaner\quarantine\files\lbmfqkhvsnoiigcrloksdufmmotwhlce |
| %sysdrive%\adwcleaner\quarantine\files\amxovpebclsbglpiomtgvsnfahdljnha |
| %sysdrive%\adwcleaner\quarantine\files\gnhrjbfuyhrrpsrljwrihmamvmsovhzl |
| %sysdrive%\adwcleaner\quarantine\files\lvgliexicbmaxhbepfzoszkmqlnbrwqv |
| %sysdrive%\adwcleaner\quarantine\files\gwrcrmjthyjzzlmcyhdknhsfspagucwh |
| StartMenuIndexer.exe |
| $RKGAFT7.exe |
| $RV5HAVK.exe |
| $RS6BTB0.exe |
| StartMenuIndexer (1).exe |
|
28.9% |
|
|
12.4% |
|
|
8.3% |
|
|
7.4% |
|
|
4.1% |
|
|
4.1% |
|
|
3.3% |
|
|
3.3% |
|
|
2.5% |
|
|
2.5% |
|
|
2.5% |
|
|
2.5% |
|
|
2.5% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
| Windows 8.1 |
52.1% |
|
| Windows 10 |
47.9% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x001c17a0 |
| Name |
Size of data |
MD5 |
| .text |
2230272 |
31197d3929a7cab531a03b480389ae3c |
| .rdata |
626688 |
12d8516d8c2e74a04be8bcbd567124c2 |
| .data |
31232 |
5d69ea061287b7fe53118d2b32a6a144 |
| .pdata |
134656 |
57189ba5cc5786dcdbef42f24784709e |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| text |
3072 |
4fc1095174c30957e811cc343247cc9d |
| data |
10240 |
a6643ae545092962a14d7bee1a5b20fe |
| .rsrc |
58368 |
28bdafb7e658db23fc6394c912fb670c |
| .reloc |
12800 |
a3f97cea3b2dbb39aa8ae7469e2e1111 |
