How to remove $RSTVLVR.EXE
- File Details
- Overview
- Analysis
$RSTVLVR.EXE
The module $RSTVLVR.EXE has been detected as General Threat
File Details
Company Name: |
|
MD5: |
e71350dbb71c7841817afb668c4cd346 |
Size: |
2 MB |
First Published: |
2018-08-09 07:07:14 (7 years ago) |
Latest Published: |
2024-08-10 23:02:25 (a year ago) |
Status: |
General Threat (on last analysis) |
|
Analysis Date: |
2024-08-10 23:02:25 (a year ago) |
%sysdrive%\$recycle.bin |
%mydoc%\已恢复 |
%mydoc%\已恢复 |
%mydoc%\已恢复 |
%mydoc%\已恢复 |
%sysdrive%\$recycle.bin\s-1-5-21-3797173654-4006398556-1229081200-500 |
Windows 10 |
83.3% |
|
Windows 7 |
16.7% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x001ca284 |
Name |
Size of data |
MD5 |
CODE |
1876480 |
7d4b41d785e73a45415efb8b18e1f861 |
DATA |
38912 |
cef39c310001df8750c40b4c5d920fbe |
BSS |
0 |
00000000000000000000000000000000 |
.idata |
12800 |
31083a92516617d537227766df3e4952 |
.tls |
0 |
00000000000000000000000000000000 |
.rdata |
512 |
6a3c81f181929f1ff7040b4f728726e1 |
.reloc |
111616 |
2ec4e3ac0b0bc5288333cb7e514707f4 |
.rsrc |
930304 |
041ca1f53e1757a4665accc4bc45849d |