How to remove $RP8KNFG.exe
- File Details
- Overview
- Analysis
$RP8KNFG.exe
The module $RP8KNFG.exe has been detected as Adware.OpenCandy
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
248d7a8c13d8e1e0fdec6cf4814cef55 |
| Size: |
1 MB |
| First Published: |
2017-05-24 21:04:38 (7 years ago) |
| Latest Published: |
2018-09-24 04:09:58 (5 years ago) |
| Status: |
Adware.OpenCandy (on last analysis) |
|
| Analysis Date: |
2018-09-24 04:09:58 (5 years ago) |
Overview
| %profile%\downloads |
| %sysdrive%\$recycle.bin\s-1-5-21-1566554040-420984689-2419509077-1001 |
| %sysdrive%\$recycle.bin\s-1-5-21-3954703719-595058540-3221643461-1001 |
| %sysdrive%\downloads |
| %desktop%\documents\downloads |
| %mydoc%\documents\downloads |
| %mydoc%\sync\documents\downloads |
| %profile%\downloads\programs |
| %profile%\downloads\new folder (2) |
| %localappdata%\microsoft\windows\temporary internet files\low\content.ie5\4xdw96ur |
| InstallFreeRARExtractFrog.exe |
| $RP8KNFG.exe |
| $RR04ZG0.exe |
| InstallFreeRARExtractFrog[1].exe |
| Free_RAR_Extract_Frog_v7.00.exe |
| $RLEPMR5.exe |
| InstallFreeRARExtractFrog (1).exe |
| $RN1T6AU.exe |
|
36.9% |
|
|
5.8% |
|
|
5.8% |
|
|
4.9% |
|
|
4.9% |
|
|
4.9% |
|
|
4.9% |
|
|
3.9% |
|
|
3.9% |
|
|
3.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
| Windows 10 |
52.9% |
|
| Windows 7 |
37.5% |
|
| Windows 8.1 |
7.7% |
|
| Windows 8 |
1.9% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000030cb |
| Name |
Size of data |
MD5 |
| .text |
23040 |
c69726ed422d3dcfdec9731986daa752 |
| .rdata |
4608 |
a2c7710fa66fcbb43c7ef0ab9eea5e9a |
| .data |
1024 |
e59cdcb732e4bfbc84cc61dd68354f78 |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
19968 |
6beff9717ff8b5de04bba787bb871d8c |
