How to remove $RTOMS91.exe

» File
File Details
Overview
Analysis

$RTOMS91.exe

The module $RTOMS91.exe has been detected as Adware.Downloader

$RTOMS91.exe

Remove $RTOMS91.exe

File Details

Main Info:

Product Name:	toolmini Application
MD5:	0552b8e1f9e26fded1223fe9a185e3ae
Size:	835 KB
First Published:	2017-06-07 13:04:41 (7 years ago)
Latest Published:	2018-03-26 23:06:57 (6 years ago)

Analysis:

Status:	Adware.Downloader (on last analysis)
Analysis Date:	2018-03-26 23:06:57 (6 years ago)

Overview

Digital Signature

Signed By:	Baidu Japan Inc.
Status:	Valid

Common Places:

%localappdata%\temp

%sysdrive%\$recycle.bin\s-1-5-21-1290097628-2106574340-442846761-1001

%localappdata%

%temp%

File Names:

WeatherTool_marketator01.exe

$RTOMS91.exe

Geography:

100.0%

OS Version:

Windows 10	54.2%
Windows 7	45.8%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000543ca

PE Sections:

Name	Size of data	MD5
.text	501760	0c544a302ffc90c25871940e31d8a80c
.rdata	66560	bc4b5c6d40a3d120ac846720897b6f4e
.data	8192	175604b273f48fc79048c905288470fd
.rsrc	245248	98d4a426935759e05f6579aecf79da67
.reloc	27136	65ab5cff0641c09d4d2dd6b0110139bc

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RTOMS91.exe

copyright for information about $RTOMS91.exe