How to remove $RP00F8N.exe

$RP00F8N.exe

The module $RP00F8N.exe has been detected as Adware.ELEX

$RP00F8N.exe
Remove $RP00F8N.exe

File Details

Product Name:

Firefox
Company Name:

Mozilla Foundation
MD5: 4f849fc8c6ca7ad5d26dd7607d4296db
Size: 95 KB
First Published: 2017-05-21 04:03:35 (7 years ago)
Latest Published: 2019-04-10 02:34:20 (5 years ago)
Status: Adware.ELEX (on last analysis)
Analysis Date: 2019-04-10 02:34:20 (5 years ago)

Overview

Signed By: Mengmeng Wang
Status: Valid

Common Places:

%programfiles%\firefox
%sysdrive%\adwcleaner\quarantine\files\elpsmjvvmbctzuzgymreqtfnlrfefdyb
%profile%\dropbox\farina\backup c\adwcleaner\quarantine\files\elpsmjvvmbctzuzgymreqtfnlrfefdyb
%sysdrive%\$recycle.bin\s-1-5-21-1992274373-2149420621-907573384-1000
%sysdrive%\adwcleaner\quarantine\files\qivticfbhplowovmvofwbvcmqdkrzqie
%sysdrive%\adwcleaner\quarantine\files\brtzueofziatokksflqoyuuhpwqqkxer
%sysdrive%\adwcleaner\quarantine\files\ukyiiewribfnwsfajtujlibnuipogenb
%programfiles%\5901eb50_jumpeasy\sdirec
%programfiles%
%programfiles%\5901c7ea_jumpeasy

File Names:

wow_helper.exe
$RP00F8N.exe

Geography:

18.5%
14.8%
11.1%
11.1%
11.1%
11.1%
7.4%
3.7%
3.7%
3.7%
3.7%

OS Version:

Windows 7 48.1%
Windows 10 37.0%
Windows XP 11.1%
Windows 8 3.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00001930

PE Sections:

Name Size of data MD5
.text 44032 2dd7533ca7b3a3c24aae41ce73ecfcec
.TargetC 512 9829836b98074d6c7c86063ac7d692aa
.rdata 36864 c91e1df8e5edfe65a8c4dff6acd8e170
.data 2560 899deabe63a8a05d0e7e5edbabdbf3c7
.pdata 3584 39273626445e9ee398b003cd578470f2
.gfids 512 d731c1c17963ab435c9f271642619cd7
.rsrc 1024 2b19deac21b216047af66c152531ef66
.reloc 2048 6c86d343b8a89c640cbffd291f024b12

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RP00F8N.exe
copyright for information about $RP00F8N.exe